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Carriers 
to  make  hay 
on  IP  VPNs 

■  BY  TIM  GREENE 

Expect  a  flurry  of  announce¬ 
ments  this  year  as  service  provid¬ 
ers  such  as  AT&T  and  BellSouth 
add  class  of  service,  network- 
based  security  and  a  greater 
range  of  access  methods  to  their 
network-based  IP  VPN  services. 

AT&T,  which  most  analysts  say 
leads  in  sales  of  IP  VPN  services, 
will  announce  later  this  year  that 
it  will  blend  sites  connected  by 
private  lines  into  VPNs  with  sites 
that  are  connected  by  frame 
relay  This  will  benefit  customers 
who  need  a  high-bandwidth  con¬ 
nection  (private  line)  to  a  major 
site  but  smaller  ones  (frame 
relay)  for  branches.lt  is  uncertain 
how  AT&T’s  merger  with  SBC  will 
affect  this  plan. 

See  VPN,  page  16 


Shake-up  in  telecom 
has  users  on  edge 


fc  IThis  deal  is  strategic,  straight- 
forward,  simple  and  compelling.!  ! 

Ivan  Seidenberg 

Chairman  and  CEO,  Verizon 


■  BY  JIM  DUFFY  AND 
DENISE  PAPPALARDO 

:So  what  happens  now? 

With  fewer,  bigger  telecom  play¬ 
ers  left  standing,  network  execu¬ 
tives  are  bracing  for  changes  in 
the  way  they  procure  services. 
Some  fear  that  lessened  competi¬ 
tion  will  weaken  their  bargaining 
leverage  and  drive  up  prices. 

It  is  also  possible  that  a  new  reg¬ 
ulatory  framework  could  emerge 
after  the  megamergers  —  MCI 
with  either  Verizon  or  Qwest,  and 


SBC  with  AT&T  —  that  would  en¬ 
sure  the  new  megacarriers  don’t 
abuse  their  positions.Then  again, 
more  regulation  might  mean  less 
innovation. 

These  are  the  great  unknowns 
in  the  age  of  telecom  consoli¬ 
dation,  which  accelerated  with 


Verizon’s  $6.7  billion  bid  last 
week  for  MCI.  It  heated  up  some 
more  when  Qwest,  which  had  its 
first  bid  spurned  by  MCI,  late  last 
week  said  it  would  present  a 
“modified”  offer  after  examining 
Verizon’s  bid. 

See  Mergers,  page  12 


CUnilZTiyC  0ur  recap  ,ast  week’s  key  conferences: 

OtlUW  I  I  Ml  LinuxWorld:  Open  source  gains  RSA  Conference:  Microsoft’s  mal-  Demo®15:  New  offerings  for 

momentum  on  the  desktop.  Page  6.  ware  initiatives  draw  fire.  Page  10.  work  —  and  play.  Page  74. 


Microsoft 
preps  move 
on  ID  mgmt. 

■  BY  JOHN  FONTANA 

Microsoft  is  working  on  restruc¬ 
turing  its  identity  management 
platform,  adding  services  directly 
into  the  operating  system  with  an 
eye  toward  lessening  users’  cur¬ 
rent  integration  chores. 

The  biggest  additions  would  be 
folding  Microsoft’s  Identity  Integr¬ 
ation  Server  (MIIS)  —  a  separate 
product  and  cornerstone  for 
Microsoft’s  identity  platform  — 
into  Windows  to  add  services 
such  as  provisioning  and  pass¬ 
word  management.The  operating 
system  already  includes  Active 
Directory  another  foundation  of 
Microsoft’s  identity  platform. 

The  sources  say  Microsoft  is  de¬ 
veloping  new  workflow  technol¬ 
ogy  for  the  operating  system  that 
See  Microsoft,  page  10 


Companies  are  moving  from  internal  app 
integration  projects  to  Web  services  that 
transform  core  business  processes.  PAGE  57 
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Selling  bunker  mentality  to  IT  shops 


Couple  sees  missile  silo 
as  disaster- recovery  site 
—  not  to  mention  home. 

■  BY  JOHN  FONTANA 

Kimball,  Neb.  —  Don 
and  Charlene  Zwonitzer 
know  a  thing  or  two 
about  preparing  for  the 
unexpected. 

The  knowledge  comes  from 
reclaiming  a  1960s-era  Atlas  E 
Missile  Silo  and  converting  it 
into  home  sweet  home  —  and 
eventually,  they  hope,  a  mod¬ 
ern-day  computer  disaster- 
recovery  facility 


Home  for  the  Zwonitzers  is 
20  feet  underground  in  the 
panhandle  of  Nebraska,  where 
arriving  visitors  disappear  into 


the  middle  of  nowhere  before 
finding  themselves  in  front  of 
the  couple’s  47-ton  steel 

See  Bunker,  page  14 
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Mr.  500  Servers 
in  156  Countries 
Managed  from 
1  Location 


mrnM  m 


Department  of 
Foreign  Affairs, 
Switzerland 


& 


"We  have  3,000  PCs  based  everywhere  from 
Argentina  to  Vietnam,  and  now  our  team  can 
update  them  all  from  headquarters." 

Viktor  Portmann 

Project  Manager,  Department  of  Foreign  Affairs,  Switzerland 


Make  a  name  for  yourself  with  Windows  Server  System™  Microsoft  Windows  Server  System  makes  it 
easier  for  Switzerland's  Federal  Department  of  Foreign  Affairs  (DFA)  to  manage  the  infrastructure  serving 
their  embassies  and  consulates  in  156  countries.  Here's  how:  By  using  Systems  Management  Server  200S 
and  Microsoft  Operations  Manager  2005,  DFA  can  automatically  update  its  500  remote  servers  from  a 
central  location,  saving  over  $600,000  in  travel  expenses  alone  in  the  past  year.  They've  also  been  able  to 
reduce  the  time  and  cost  of  maintenance,  boost  user  productivity,  and  find  the  time  to  better  prepare  for 
expansion.  Software  that's  easier  to  manage  is  software  that  helps  you  do  more  with  less.  To  get  the  full 
DFA  story  or  to  find  a  Microsoft  Certified  Partner,  go  to  microsoft.com/wssystem 


Microsoft* 


Windows 
Server  System 
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■  6  Users  reap  Linux  data  center  savings. 

■  6  Novell  extends  open  source  reach, 

■  9  Cost,  complexity  still  slow  speech  apps. 

■  10  RSA  Conference  sets  stage  for  malware  war. 

■  12  FCC  could  force  requirements  on  merged  carriers. 


Net  Infrastructure 

■  17  VoIP  security  vendors  debut 
new  tools. 

■  18  RSA:  HP  finds  place  for 
virus  throttling. 

■  18  HP  unleashes  WAN,  LAN, 
wireless  products. 

Enterprise 

Computing 

■  19  Tool  partitions  one  processor 
into  10. 

■  19  Novell  targets  healthcare 
with  new  workstation. 

■  20  Special  Focus:  Gutting 
the  cord  on  thin  clients. 

Application 

Services 


NetWorker 

■  25  IRS  teams  up  to  provide 

home-based  jobs  for  disabled 
workers.  i 

■  26  Toni  Kistner:  ARO  i 

Outsourcing  expands  at-home  jobs 
beyond  the  call  center. 

Technology  Update 

■  51  UPSD  saves  cell  phone 
power. 

■  51  Steve  Biass:  Ask  Or. 

Internet. 

■  52  Mark  Gibbs:  Dining  at 
Chez  Gearhead. 

■  52  Keith  Shaw:  Cool  tools, 
gizmos  and  other  neat  stuff. 

Opinions 


Face-Off: 

Are  employees  the  biggest  threat  to  network  security? 
Joseph  Ansanelli  of  Vontu  says  yes,  but  Jonathan 
Bingham  of  Intrusic  argues  against.  Page  56. 

Web  services  take  ofl: 

Companies  are  making  the  transition  from  projects  that 
used  Web  services  to  integrate  internal  applications 
to  more  advanced  projects  that  connect  with 
business  partners  and  transform  key  business 
processes,  Page  58. 


WaveLink  Mobile  Manager 
Enterprise  can  help  you  manage 
your  WLAN  infrastructure.  Page  59. 


In  the  first  of  a  six-part  senes,  we  gauge  enterprise 
progress  in  piecing  together  the  next-generation  IT 
architecture.  Supplement  begins  after  page  26. 


Where  are  we  now?  IT  frameworks 

demystified 


We  map  the  industry's  progress 
on  the  journey  to  the  new  data  ITIL,  COBIT.  CMMi,  IS0 17799  - 

best  practices  abound  for 
managing  the  new  data  center. 

PageS18 


center.  Page  S3 


A  20:1  proposition 
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spiraling  IT  costs. 

PageS14 
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WhenSOAs 
rule  the  world 


Author  Geoffrey  Moore  explains 
how  SOAs  will  become  die  under¬ 
lying  force  of  the  new  data 
center.  Page  S22 
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Breaking  News 


Go  online  for  breaking  news  every  day.  DocFinder  6342 


Available  only  on  Fusion 

Demo:  Highlights  from  the  show  floor 

Over  two  days,  Demo  attendees  saw  74  companies  showing  off 
their  latest  wares.  Jason  Meserve  and  Keith  Shaw  bring  you  their 
highlights  from  each  day  of  the  show,  including  a  look  at  the 
Adorno  Voice  Messaging  for  Exchange  platform  and  Infom- 
mersion’s  Xcelsius  X4  data  analysis  tool.  DocFinder:  5938 


Online  help  and  advice 

Nutter’s  Help  Desk 

Rxing  802.11b  link  performance  problems 

Help  Desk  Guru  Ron  Nutter  helps  a  reader  figure  out  why  his 
signal  quality  and  throughput  is  so  low.  DocFinder:  5943 

Compendium 


■  21  Using  RFID  to  boost 
business'  bottom  line. 

■  21  Vendor  fine-tunes  policy  to 
control  admin  rights. 

■  22  Scott  Bradner:  The 

kids  were  right,  school  is  a  prison,  * 

Service  Providers 

■  23  Sprint's  focus  is  on  wireless 
business. 


■  54  On  Technology:  Linux: 
Ready,  willing  and  able. 

■  55  Joel  Snyder:  Mobile 
models  lost  in  translation. 

■  55  Thomas  Nolle:  AT&T: 
What  wont  wrong? 

■  74  BackSpin:  The  art  of 

being  dumb. 

■  74  ’Net  Buzz:  Highlights 
from  Demo@15  conference. 


■  23  Johna  Till  Johnson: 

Universal  Service  fun  and  games. 


Management 

Strategies 


■  64  Uncooperative  end  users:  Put 
an  end  to  push  back  against  technol¬ 
ogy  change  and  quell  the  complaints 
by  reaching  out  to  learn  users'  needs 
and  how  to  fulfill  them. 


■  CONTACT  US  NetworkWorid,  118Turnpike  Road,  Southborough,  MA 
01772;  Phone:  (508)  460-3333;  Fax:  (508)  490-6438;  E-mail:  nwnews@ 
nww.com;  STAFF:  See  the  masthead  on  page  16  for  more  contact  informa¬ 
tion.  REPRINTS:  (717)  399-1900 


SUBSCRIPTIONS/CHANGE  OF  ADDRESS:  Phone:  (508)  490-6444;  Fax: 
(508)  490-6400;  E-mail:  nwcirc@nww.com;  URL:  www.subscribenw.com 


Demo:  The  inside  scoop 

Senior  Tests  Editor  Keith  Shaw  gives  you  the  inside  dirt  on  the 
product  demonstrations,  reactions,  the  15  Demogod  award 
winners  and  more. 

DocFinder:  5939 

LinuxWorld  roundup 

If  you  missed  the  show,  our  LinuxWorld  news  page  features  all  the 
news  you  need.  DocFinder  5940 

Buyer’s  Guides 

Our  continuously  updated  Buyer's  Guides  offer  detailed  information 
on  everything  from  blade  servers  and  enterprise  routers  to 
collaboration  platforms  and  instant-messaging  management.  Drill 
down  into  a  vendor's  offering  or  compare  products  side  by  side. 

DocFinder  5941 

This  week  at  Network  Lifer.  The  Expert's 
Guide  to  the  Connected  Home 

Every  day,  Network  Life  offers  everything  you  need  to  know  to 
keep  your  — and  your  family's  and  friends'  —  home  network 
humming.  Get  the  latest  news,  opinions,  reviews,  how-tos  and 
more.  DocFinder  4838 

Network  World  Fusion  Radio 

Get  the  inside  scoop  on  hot  technology  issues,  such  as  inexpen¬ 
sive  servers,  WiMAX,  network  security  design  and  more.  Stream 
the  sessions  to  your  desktop  or  download  them  as  MP3s  for  later 
use.  DocFinder  5942 


Google:  The  new  Microsoft? 

Online  Executive  Editor  Adam  Gaffin  writes:  “A  few  years  ago, 
Microsoft  got  reamed  for  proposing  something  called  'Smart  Tags,1  in 
which  its  then-new  Internet  Explorer  6.0  would  hyperlink  keywords  in 
online  articles  to,  well,  pretty  much  anything  Microsoft  decided  to  link 
them  to.  Now  Google  is  doing  the  same  thing."  DocFinder  5944 

Home  LAN  Adventures 

Building  my  own  media  center,  Part  2 

Editor  Keith  Shaw  finds  that  transferring  video  between  systems 
proved  to  be  S-L-O-W  going  and  investigates  the  cause. 

DocFinder  5945 

Small-Business  Tech 

A  new  approach  to  collaboration 

Columnist  James  Gaskin  says  NextPage  answers  the  “Is  this  the 
latest  revision?"  question  with  its  new  collaboration  software. 

DocFinder  5946 

Available  only  on  Fusion 

Wireless  &  Mobility:  Commanding  Broadband  Everywhere 

Just  when  technology  solves  the  complexities  of  anytime-anywhere 
wireless  broadband,  enterprises  are  suddenly  paralyzed  by  uncertainty 
about  their  own  wireless  networks.  Which  devices?  Which  apps?  And 
why?  Find  out  first  at  this  free  Tech  Tour  event.  DocFinder.  5947 


Free  e-mail 
newsletters 

Sign  up  for  any  of  more 
than  50  newsletters  on  key 
network  topics. 

DocFinder  6343 


What  is  DocFinder? 

We've  made  it  easy  to  access  articles  and 
resources  online.  Simply  enter  the  four-digit 
DocFinder  number  in  the  search  box  on  the 
home  page,  and  you’ll  jump  directly  to  the 
requested  information. 
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Government  agencies  flunk  cybersecurity 

■  U.S.  government  agencies  last  week  collectively  received  a  04- 
grade  on  their  cybersecurity  efforts,  a  slight  improvement  from  the 
grade  they  received  a  year  ago  from  a  congressional  watchdog 
committee.  A  year  ago,  the  U.S.  government  received  a  D  grade  from 
the  House  Government  Reform  Committee  —  eight  agencies 
received  failing  grades.  For  2004,  seven  agencies  received  failing 
grades.  The  transportation  and  state  departments  made  significant 
improvement  in  the  past  year.  In  December  2003,  the  Transportation 
Department  received  a  D4  grade;  this  year  it  received  an  A-.  The 
State  Department  raised  its  grade  from  an  F  to  a  D+.  On  the  other 
hand,  the  Commerce  Department’s  grade  declined  from  a  C-  to  an 
F  and  the  Department  of  Veterans  Affairs  fell  from  a  C  to  an  F  The 
Department  of  Homeland  Security  received  an  F  for  the  second 
straight  year.  Asked  during  a  press  conference  if  he  was  frustrated 
with  the  marks,  Rep.  Tom  Davis  (R-Va.)  said  government  agencies 
are  generally  “moving  in  the  right  direction. . .  .We  need  to  move 
faster, and  I  hope  it  won’t  take  some  kind  of  cyberjattack]  to  crys- 
talize  everybody’ 

HP  hires  firm  to  find  Fiorina’s  successor 

■  HP  has  hired  headhunting  firm  Russell  Reynolds  Associates  to  help  it  find  a  new  CEO 
following  the  ouster  of  former  chairman  and  CEO  Carly  Fiorina.  The  search  will  be  con¬ 
ducted  with  the  “highest  level  of  confidentiality’  HP  said  last  week, and  added  that  it  will 
not  comment  further  on  the  hunt.  Fiorina’s  sudden  departure  on  Feb.  9,  which  was  pinned 
on  a  disagreement  with  HP’s  board  over  how  to  execute  the  company’s  strategy,  has  led  to 
wide  speculation  over  who  will  replace  her.  HP  CFO  Robert  P  Wayman  took  over  as  CEO 
on  an  interim  basis,  while  HP  Director  Patricia  Dunn  became  nonexecutive  chairman. 

Delay  puts  SCO  in  Nasdaq  hot  water 

H  Software  maker  The  SCO  Group  is  in  danger  of  losing  its  Nasdaq  listing  for  failing  to 
file  its  2004  annual  report  on  time.  SCO  plans  to  request  a  hearing  on  the  matter,  which 
will  delay  its  removal  from  the  exchange,  but  the  company  began  to  trade  under  a  mod¬ 
ified  ticker  symbol  —  from  SCOX  to  SCOXE  —  to  indicate  its  delinquent  filing  status. 
SCO  says.  Nasdaq  notified  it  last  week  of  the  potential  delisting. The  company  has  not 
filed  its  10-K  annual  report  on  the  fiscal  year  ended  Oct.  3 1,2004,  within  the  90-day  time 
frame  mandated  by  the  Securities  and  Exchange  Commission.  SCO  attributed  its  delay 
to  an  examination  of  stock  grants  related  to  the  company’s  compensation  plans.  While 

COMPENDIUM 

No  sympathy  for  the  devil 

The  FreeBSD  Project  has  long  used  a  cartoon  devil  (from  the  “daemons"  that  power 
the  operating  system)  as  its  symbol.  But  seems  like  that  won't  fly  in  the  enterprise 
market  the  project  hopes  to  compete  in,  so  it  is  planning  a  competition  to  find  a 
more  corporate  symbol.  Find  out  all  the  devilish  details  at 
www.nwfusion.com,  DocFinder:  5949. 
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HP  honesty.  Martin  Fink,  HP’s  vice 
president  of  Linux,  scored  points  for  honesty 
last  week  during  his  keynote  address  at  the 
LinuxWorld  Conference  &  Expo 
in  Boston.  "My  speech  today 
can't  match  the  drama  of  Carly 
[Fiorina]  leaving  HP  last  week," 
he  toid  audience  members.  > 


fM. 


What's  next, 

lip-syncing?  Our  hopes 
really  rose  when  HP's  Rnk  brought 
two  customers  onto  the  LinuxWorld 
stage  to  discuss  their  open  source 
installations.  But  the  scripted,  teleprompter-driven  dialogue  proved  painful  to  hear. 
At  least  Fink  did  get  each  customer  to  address  what  went  wrong  with  their  rollouts. 


$  CA  and  SOX.  Computer  Associates  CEO  John  Swainson  drew  smirks  and 
eye  rolls  from  the  audience  at  his  keynote  address  at  LinuxWorld  last  week  when 
he  lamented  the  cost  of  complying  with  Sarbanes-Oxley  rules.  After  all,  the  rules 
went  into  effect  to  clean  up  the  sort  of  irresponsible  corporate  behavior  to  which 
CA  has  been  no  stranger  (albeit  before  Swainson  recently  joined  the  company). 


SCO  did  not  file  its  annual  report  with  the  SEC,  it  did  put  out  a  press  release  in 
December  summarizing  its  results  for  the  year.  SCO’s  revenue  dropped  46%,  to  $42.8  mil¬ 
lion,  while  its  2003  profit  turned  into  a  $23.4  million  net  loss  in  2004. 

Security  trade  groups  form  alliance 

■  Three  trade  associations  for  security  professionals,  ASIS  International, The  Information 
Systems  Audit  and  Control  Association  and  the  Information  Systems  Security  Association, 
last  week  said  they  will  work  together  on  concerns  common  to  their  80,000  members. 
Although  the  organizations  don’t  plan  to  merge,  they  will  work  under  the  banner  name 
“The  Alliance”  to  have  a  single  voice  in  legislative  and  government  policy  matters.  They 
also  will  work  together  to  define  formal  training  for  security  professionals  to  promote  busi¬ 
ness  and  management  skills  demanded  in  the  workplace.The  Alliance  founders  also  said 
they  are  open  to  other  organizations,  such  as  SANS  Institutejoining  the  combined  effort. 

Cerf,  Kahn  get  A.M.  Turing  Award 

■  The  Association  for  Computing  Machinery  is  finally  giving  network  technology  a  little 
respect.  Last  week,  the  58-year-old  organization  for  computing  professionals  announced 
plans  to  award  Internet  pioneers  Vinton  Cerf  and  Robert  Kahn  its  prestigious  A.M.Turing 
Award.  Awarded  annually  since  1966,  the  $100,000  award  is  named  for  British  mathemati¬ 
cian  Alan  M. Turing.  Past  recipients  include  mouse  inventor  Douglas  Engelbart,  and  Ken 
Thompson  and  Dennis  Ritchie,  the  creators  of  Unix. The  2004  award  is  the  first  to  be  given 
for  work  in  computer  networking.  News  of  the  award  came  as  a  “huge  surprise,”  Cerf  said 
in  an  e-mail  interview.  “Historically  this  award  has  gone  to  people  more  involved  in  fun¬ 
damentals  of  computer  science.”  Cerf  is  senior  vice  president  for  technology  strategy  at 
MCI  and  has  played  key  roles  in  many  groups  that  put  the  Internet  on  the  map.  Kahn  is 
chairman,  CEO  and  president  for  the  Corporation  for  National  Research  Initiatives,  which 
he  founded  in  1986. 
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Designed  specifically  for  users  new  to  SANs,  LeftHand's  patented  architecture  makes  it  easy  for  you  to  upgrade  from 
direct-attached  storage.  We  can  help  you  take  advantage  of  one  centrally  managed  storage  environment,  making  it  easier 
to  administer,  grow,  and  back  up  your  application  and  file  storage.  Just  as  importantly,  our  solution  is  flexible  enough  to 
grow  and  adapt  with  the  changes  to  your  company,  even  if  you  can't  see  them  coming.  Start 
with  the  storage  you  need  today  and  then  add  capacity  over  time  in  cost-effective, 
modular  increments.  Install  the  storage  in  whatever  location  makes  sense  —  any 

facility,  anywhere  on  the  IP  network  —  and  manage  it  all  from  one  centrailocation.  ~  1  -• 


Plus,  ensure  your  data  is  always  available.  The  LeftHand  architecture  offers  unique 

availability  features  that  protect  your  data  whether  you  have  a  single  site  or  if  you're  looking  for  a  complete  disaster 
recovery  solution  across  multiple  sites.  All  this  high-end  functionality  is  wrapped  into  one,  intuitive  management  interface 
designed  for  users  making  the  transition  to  a  SAN. 
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Visit  our  web  site  to  download  a  free  white  paper  on  the  eight  ways  an  iSCSI  SAN  simplifies  life  for  an  IT  administrator. 
Check  storage  management  off  the  list. 
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Show  shines  light  on  desktop  Linux 


■  BY  PHIL  HOCHMUTH 

BOSTON  —  While  many  Linux  converts 
are  focused  on  moving  their  data  centers 
off  of  Unix,  a  second  front  for  Linux  migra¬ 
tion  soon  could  take  shape  on  corporate 
desktops. 

Among  the  6,000  attendees  at  last  week’s 
LinuxWorld  Expo  were  several  IT  profes¬ 
sionals  touting  big  savings  and  improved 
performance  as  the  drivers  to  migrate  serv¬ 
er  applications  to  Linux.  Meanwhile,  some 
users  are  beginning  to  look  at  Linux  on  the 
client  side  as  a  way  to  ease  Windows  desk¬ 
top  management  and  support  headaches. 

Linux  desktops  are  starting  to  take  off  at 
Cisco,  which  has  about  2,000  engineers 
using  Red  Hat  Linux  for  writing  software 
code,  and  hardware  and  chip  design. 

Migrating  corporate  users  from  Windows 
to  Linux  PCs  presents  both  technical  chal¬ 
lenges  and  obstacles  in  overcoming  cor¬ 
porate  culture,  says  J.  Craig  Manning,  IT 
manager  at  Cisco.  In  addition  to  supporting 
Cisco’s  internal  network,  Manning  chairs 
the  Open  Source  Development  Labs 
Desktop  Linux  Steering  Committee. 

If  users  think  they  are  going  to  save 
money  on  software  or  support  by  switch¬ 
ing  to  desktop  Linux,  they  will  be  in  for  a 


surprise,  Manning  says. 

Factors  that  even  out  the  Linux/Windows 
desktop  costs  include  retraining  employ¬ 
ees;  installing  applications  that  support 
Windows  applications  on  Linux;  and  sup¬ 
port  subscription  fees  from  Linux  vendors 
such  as  Red  Hat,  which  are  necessary  for 
software  updates  and  patches,  Manning 
says.  As  more  Linux  desktops  are  brought 
on,  Cisco  also  will  have  to  look  into  a  new 
desktop  back-up  solution  that  supports 
both  Linux  and  Windows  —  another  cost. 

The  advantage  of  Linux  on  the  desktop  is 
simpler  administration,  Manning  says. 
Linux  includes  many  built-in  tools,  such  as 
Secure  Shell  (SSH),  which  can  let  a  remote 
administrator  easily  access  and  trou¬ 
bleshoot  a  desktop.  Also,  the  ability  to  hide 
and  partition  underlying  system  files  and 
operating  system  underpinnings  from 
users  on  Linux  is  helpful. 

Manning  estimates  that  it  takes  a  compa¬ 
ny  one  desktop  administrator  to  support  40 
Windows  PCs  vs. 200  to  400  Linux  desktops. 

Many  tools  are  now  available  that  can 
help  a  Windows-to-Linux  transition,  such  as 
Codeweaver’s  Crossover  Plug-in,  which 
Cisco  uses  to  support  Microsoft  Exchange 
clients  on  Linux  desktops.The  evolution  of 
other  open  source,  Linux-friendly  applica¬ 


tions,  such  as  OpenOffice  and  Firefox,  also, 
make  migration  easier,  Manning  says. 

With  many  of  the  company’s  tech-sawy 
users  now  on  Linux,  Manning  says  the  next 
challenge  is  spreading  the  technology  He 
is  working  to  create  a  stable,  standard  lap¬ 
top  build  for  Linux,  with  so  many  of  the 


company’s  employees  using  notebooks. 
The  technology  also  has  a  key  supporter 
inside  the  firm:  Cisco  CIO  Brad  Boston  uses 
a  Linux  desktop,  according  to  Manning. 

Another  systems  administrator  at  Linux- 
World  agrees  that  an  all-Linux  desktop 
See  LinuxWorld,  page  8 


Novell  looks  to  extend  open  source  reach 


Novell's  LinuxWorld  promises 

Novell  aired  a  host  of  open  source  efforts  at  last  week’s  conference. 


Announcement/plan 

Description 

Hula  project 

To  build  an  open  source  collaboration  server. 

Open  Enterprise  Server  availability 

EDirectory  APIs  to  SAMBA  and  FreeRADIUS 

/■/  -  ;/  ;  •  ’  1 

;  ’*:}}  ■ 

Dual-kernel  NetWare  and  Linux  operating  system. 

Lets  developers  use  eDirectory  for  network  and 
wireless  authentication. 

Resell  Polyserve  clustering  and  shared  file- 
system  software 

Data  center  initiative 

Lets  customers  build  large  Linux  clusters. 

A  set  of  packages  focusing  on  applications,  storage, 
virtualization,  systems  management  and  security. 

Incorporate  open  source  Xen  virtualization 
technology  Into  SuSE  Linux  Enterprise  Server 

Allows  server  virtualization  for  SuSE  users. 

CAPP/EALA+  certification 

■  A/ ; ; 

Security  certification  is  important  to  government 

;  -  V  -  . 

customers.  y 

Novell  Security  Manager 

Lets  users  add  VPN,  firewall  and  intrusion-detection 
services  to  their  networks. 

■  BY  DENI  CONNOR 

Novell  last  week  at  LinuxWorld 
outlined  a  slew  of  products  that 
bolster  its  Linux  product  line  and 
a  batch  of  initiatives  aimed  at 
cementing  its  role  in  the  open 
source  community 

Perhaps  the  most  attention  grab¬ 
bing  of  Novell’s  announcements 
was  an  open  source  collabora¬ 
tion  server  project  dubbed  Hula. 

The  goal  for  Hula  is  “to  become 
for  collaboration  what  Apache  is 
to  servers,”  said  Novell  Chairman 
and  CEO  Jack  Messman  in  his 
keynote  address  at  LinuxWorld. 

Novell  has  pushed  hard  into 
Linux  over  the  past  year-plus  via 
acquisitions,  partnerships  and  in¬ 
ternal  development.  It  also  an¬ 
nounced  the  availability  of  its 
Open  Enterprise  Server  operating 
system  and  plans  to  include  the 
open  source  Xen  virtualization 
software  in  the  next  release  of  its 
SuSE  Linux  Enterprise  Server. 

Novell’s  contributions  to  the 
open  source  community  will  in¬ 
clude  its  eDirectory  APIs,  Mess- 
man  said. 

He  added  that  the  Hula  project 
centers  on  development  of  an 
open  source-based  collabora¬ 


tion  server,  which  will  include 
calendar,  address  book  and  mail 
functionality. 

Hula  is  based  on  Novell’s  Net- 
Mail  collaboration  server  soft¬ 
ware,  which  the  company  sells  for 
$15  per  user  and  has  more  than  4 
million  users.  Novell  donated 
more  than  200,000  lines  of  Net- 


Mail  code  to  the  Hula  project.The 
code  represents  the  bulk  of  Net- 
Mail  code,  with  eDirectory  identi¬ 
ty  management  and  nSURE  audit 
code  stripped  out,  Novell  says. 

Hula  can  scale  to  250,000  users 
on  a  single  server  with  50,000 
concurrently  connected  users, 
Novell  says.  It  will  use  Internet 


standards  such  as  SMTP  Internet 
Message  Access  Protocol,  iCalen- 
dar  and  the  CalDAV  calendar 
access  protocol. 

“As  a  foundation  for  an  open 
source  project  for  a  scalable 
e-mail  system,  Hula  is  pretty  im¬ 
pressive,”  says  Dan  Kuznetsky, 
vice  president  of  system  soft¬ 


ware  at  IDC. 

Keith  Stevenson, senior  commu¬ 
nications  analyst  at  the  University 
of  Louisville  in  Kentucky  has  used 
NetMail  for  several  years  to  man¬ 
age  more  than  32,000-student 
mail  accounts  on  a  single  server. 

“We  selected  NetMail  because  it 
ran  on  Linux,  was  extremely  well 
integrated  and  was  able  to  han¬ 
dle  a  large  number  of  student 
accounts  on  a  modest  hardware 
investment,”  he  says. 

Stevenson  is  optimistic  that  the 
open  source  community  will 
make  the  technology  even  more 
useful. 

“There  are  a  few  quirks  such  as 
logging  information  for  trouble¬ 
shooting  purposes  that  have  an¬ 
noyed  me,”  Stevenson  says.  “We’ll 
certainly  be  paying  a  lot  of  atten¬ 
tion  to  Hula  since  it  represents 
the  future  of  NetMail.” 

Hula,  which  currently  runs 
only  on  Linux,  will  work  on 
NetWare,  Windows  and  Mac  OS 
X  networks  by  March,  according 
to  project  leaders. 

Hula  is  licensed  under  the  GNU 
Lesser  General  Public  License 
and  the  Mozilla  Public  License. 
More  information  is  available  at 
www.hula-project.org.  ■ 


Make  a  name  for  yourself  with  Windows  Server  System.  Microsoft®  Windows  Server  System™  makes  it  easier 
for  Virgin  Entertainment  Group,  North  America  to  make  inventory  decisions  based  on  real-time  data 
from  its  sales  counters.  Here's  how:  By  building  a  business  intelligence  solution  using  SQL  Server™ 
supported  by  BizTalk*  Server  and  the  .NET  Framework,  Virgin  is  able  to  gather  the  Point  of  Sale 
and  traffic  data  collected  in  its  stores,  analyze  it,  and  have  reports  to  store  managers  every 
15  minutes.  Software  that's  easier  to  integrate  is  software  that  helps  you  do  more  with  less. 

To  get  the  full  Virgin  story  or  find  a  Microsoft  Certified  Partner,  go  to  microsoft.com/wssystem 
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environment  would  be  preferable. 

Josh  Bernstein,  a  systems  analyst  at  the 
University  of  Arizona  at  Tucson, 
describes  supporting  Windows  desktops 


as  “a  nightmare.” 

He  supports  Windows  PCs,  Linux  desk¬ 
tops  and  a  cluster  of  Linux  servers  in  the 
university’s  Lunar  and  Planetary  Labora¬ 
tory  Troubleshooting  Linux  PCs  with  re¬ 
mote  management  tools  such  as  SSH  is  less 
time-consuming  than  Windows  machine 


maintenance,  Bernstein  says.  “With  Linux,  1 
don’t  have  to  get  up  and  walk  over  to  the 
system  and  see  what’s  going  on,”  he  says. 

To  this  end, several  vendors  at  LinuxWorld 
announced  new  client-side  tools.  Versora 
showed  off  its  Progression  Desktop  tool, 
which  moves  files  and  converts  PCs  set- 


CapRock 


World  Class  Communications 
Anywhere  in  the  World™ 
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Satellite  communications  ruggedized  for 
remote  locations  and  harsh  environments. 

Secure  Corporate  Networking 
Digital  Telephony 
Broadband  Internet 
Real-Time  Video 


For  more  information  call  1-888-482-0289. 


tings  from  Windows  to  Linux.  Wn4Lin  also 
announced  a  new  version  of  its  software 
that  lets  Windows  2000  and  XP  applications 
run  on  Linux  desktops. 

But  the  real  payoff  with  Linux  still  appears 
to  be  in  large  Unix-to-Linux  data  center 
server  migrations,  according  to  other  show 
attendees. 

Cambridge  Health  Alliance  (CHA),a  net¬ 
work  of  three  hospitals  and  more  than  20 
healthcare  facilities  in  the  Boston  area,  is 
turning  to  Linux  for  most  of  the  new  server 
applications  it  acquires.  The  healthcare 
group  previously  ran  an  almost  all- 
Windows  shop,  with  a  few  Unix  servers  sup¬ 
porting  a  large  outpatient  management 
application  in  clinics. When  the  time  came 
to  upgrade  the  Unix-based  system  a  year 
ago,  Linux  was  considered. 

CHA  took  time  to  demonstrate  the  stabil¬ 
ity  of  the  new  application  on  Red  Hat  Linux 
to  senior  management.  But  what  caught  the 
eye  of  the  CHA  brass  was  the  savings:  The 
cost  for  Intel-based  hardware  and  software 
support  for  Linux  was  about  half  of  similar 
systems  based  on  Unix  and  proprietary 
chip  hardware. 

“When  a  new  vendor  comes  in  the  door 
and  talks  about  an  application,  we’ve  been 
putting  the  screws  to  them:  If  you  want  our 
business, you  should  have  a  Linux  offering,” 
says  Seth  Sladek,  manager  of  systems  engi¬ 
neering  at  CHA. 

A  different  firm  that  found  savings  by 
migrating  older  applications  to  Linux  was 
FreshDirect.a  Long  Island,  N.Y,  food  distrib¬ 
utor.  The  company  migrated  its  back-end 
order  processing  system,  hosted  on  Sun 
Solaris  servers,  to  Red  Hat  Linux,  running 
on  hardware  from  Egenera,  whose  blade 
servers  support  virtualization  across 
pooled  hardware  resources,  such  as 
processors  and  memory 

The  benefits  of  the  Unix-to-Linux  swap 
were  obvious,  says  Myles  Trachtenberg, 
CTO  of  FreshDirect.With  13  dual-processor 
Egenera  blades,  FreshDirect  replaced  200 
Sun  servers  and  improved  the  company’s 
core  application  average  response  time 
from  8  seconds  to  1  .Trachtenberg  also  esti¬ 
mates  that  the  company  will  save  close  to 
$2  million  in  hardware  costs. 

“There  is  no  reason  to  stay  on  Unix,” 
Trachtenberg  says. “The  price/performance 
and  the  stability  are  there  with  Linux.”  But 
users  interested  in  migrating  applications 
to  Linux  should  be  aware  of  the  pitfalls. 

“The  issues  are  usually  not  with  Linux 
itself,  but  in  getting  two  or  more  products 
working  together  on  Linux,”  he  says.  ■ 
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Cost,  complexity  still  slow  speech  apps 


Speech  delays 

The  speech  technology  revolution  has  failed  to  take  hold 
as  expected,  says  analyst  firm  The  451  Group.  Here  are 
some  of  the  reasons  why. 

• 

Lack  of  true  packaged  offerings,  resulting  in  a  heavy  dependence 
on  expensive  professional  services. 

• 

High  total  cost  of  ownership  of  speech  applications  relative  to 
alternative  IT  investments  competing  for  corporate  dollars. 

• 

Lack  of  demonstrable  ROI:  A  majority  of  speech  technology 
applications  simply  automate  touch-tone  activities  instead  of 
delivering  significant  business  benefits. 

• 

Slow  VoiceXML  adoption,  because  of  the  standard’s  complexity, 
ongoing  intellectual  property  disputes  and  vendors’  reluctance 

to  relinquish  revenues  gained  through  proprietary  systems. 

J 

■  BY  ANN  BEDNARZ 

Many  customers  calling  Ameri¬ 
can  Savings  Bank  to  use  its  bank¬ 
ing  services  find  the  automated 
attendant  has  something  in  com¬ 
mon  with  them:  a  regional 
dialect. 

The  voice  behind  the  tele¬ 
banking  application  is  that  of  a 
local  female,  and  the  applica¬ 
tion’s  expressions  include 
“aloha"  and  “mahalo”  to  convey  a 
familiar  image,  according  to 
Renee  Lum,  assistant  vice  presi¬ 
dent  and  manager  of  American 
Savings  Bank’s  customer  service 
center  in  Honolulu. 

“The  whole  branding  for  our 
bank  is  based  on  our  local 
image,  and  we  wanted  to  carry 
that  branding  through  our 
speech  application,” she  says. 

Lum  is  scheduled  to  speak 
this  week  at  the  SpeechTek  con¬ 
ference  in  San  Francisco,  where 
she  will  detail  the  bank’s  deci¬ 
sion  to  use  technology  from 
Intervoice  for  its  migration  from 
touch-tone  to  speech  technol¬ 
ogy.  The  SpeechTek  show  is 
expected  to  draw  1,000  atten¬ 
dees  to  its  educational  sessions 


and  48-exhibitor  exposition. 

American  Savings  Bank  de¬ 
ployed  Intervoice’s  develop¬ 
ment  platform  —  the  Omvia 
Voice  Framework  —  and  used 
the  vendor’s  professional  ser¬ 
vices  to  design  its  custom  bank¬ 
ing  application.  Building  a 
speech  application  is  notori¬ 
ously  complex  and  requires 
multiple  design  tweaks  and 
usability  tests  to  make  sure  the 
application’s  vocabulary  and 
user  interface  are  going  to  be 
well  received  by  callers. 
Working  with  Intervoice,  the 
bank  brought  in  a  range  of  cus¬ 
tomers  of  different  ages,  ethnic 
backgrounds  and  occupations 
to  test  the  system’s  usability 
before  going  live,  Lum  says. “We 
knew  if  it  wasn’t  easy,  they  were 
not  going  to  use  it,”  she  says. 

American  Savings  Bank  is 
among  the  early  adopters  of 
speech-recognition  technology 

The  451  Group  estimates  just 
5%  of  today’s  interactive  voice 
response  (IVR)  systems  incor¬ 
porate  speech-recognition 
technology  that  lets  users 
access  information  using  spo¬ 
ken  commands.  The  remaining 


95%  of  the  IVR  market  consists 
of  much  older,  simple  touch- 
tone  menus  from  which  users 
select  choices  by  pushing 
buttons  on  a  telephone,  the 
firm  says. 

According  to  most  industry 
accounts,  that  ratio  should  be 
changing.  The  emergence  of 
standards  such  as  VoiceXML  — 
an  XML  variant  designed  so  that 
content  developed  for  the  Web 
could  interact  with  voice  sys¬ 


tems  —  is  expected  to  drive 
speech-recognition  technology 
into  the  mainstream.  Indeed, 
vendors  such  as  Nuance  and 
ScanSoft  are  working  to  shift 
from  expensive,  proprietary 
platforms  that  require  extensive 
professional  services  engage¬ 
ments  to  more  packaged,  stan- 
dards-based  technologies.  At 
SpeechTek,  Edify  is  expected  to 
unveil  a  speech  application  tai¬ 
lored  for  consumer  electronics 
companies. 

But  some  industry  watchers  say 
the  transition  is  stalled  and  the 
search  for  meaningful  business 
returns  remains  elusive,  it’s  a 
vicious  circle,  says  Steve  Coplan, 
sector  head  for  networks  and 
media  at  The  451  Group.  Vendors 
haven’t  been  able  to  build  up 
enough  demand  for  speech  soft¬ 
ware,  so  they  remain  reliant  on 
professional  services.  But  the 
expense  of  specialized  profes¬ 
sional  services  in  turn  slows 
adoption,  he  says. 

Coplan  authored  a  research 
report  released  earlier  this 
month  that  finds  the  speech 
industry  won’t  go  mainstream 
until  it  becomes  less  expensive 
and  easier  to  build  speech  appli¬ 
cations.  Among  the  factors  sti¬ 
fling  that  transition  are  vendors’ 
dependence  on  professional  ser¬ 
vices  revenue,  slow  adoption  of 
complex  standards  and  pack¬ 
aged  applications  that  fail  to 
deliver  the  flexibility  needed  for 
broad  deployments,  he  says. 

Nonetheless,  adoption  of 
speech  technology  is  growing, 
slowly  but  surely 

In  2003  and  2004,  sales  of 
touch-tone-based  IVR  systems 
declined,  while  speech-enabled 
system  sales  grew  15%  to  20%, 
says  Daniel  Hong,  voice  business 
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FUN:  Why  does  the  'Net  need  yet  another 
photo-sharing  service?  “Photoleap  works 
exactly  like  e-mail,”  explains  CEO  Paul  Colton, 
which  means  that,  unlike  other  services,  people 
already  know  how  to  use  it.  More  impressive  to 
the  geeks  gathered  around  Photoleap’s  booth 
was  its  ability  to  send  unthinkable  numbers  of 
high-resolution  photos  —  250  in  Colton’s  stage 
demo,  almost  a  gig’s  worth  —  in  a  single  mes¬ 
sage.  You  say  you  don’t  want  that  porker  any¬ 
where  near  your  in-box?  Check  out  www.pho- 
toleap.com  to  have  your  fears  allayed. 

WORK:The  first  time  I  saw  the  Bluetooth 
Virtual  Keyboard  by  VKB  was  on  aTV  news 
report . . .  and  my  jaw  dropped. This  pocket-sized 
device  uses  a  laser  to  project  the  image  of  a 
full-sized,  two-dimensional  keyboard  onto  any 
flat  surface  from  which  the  user  types,  thus 
reducing  the  tedium  and  carpal- 
tunnel  common  to  "typing”  on 
the  keypads  of  smart  phones  and 
PDAs.Trying  the  virtual  key¬ 
board  at  Demo  showed  me  the 
device  works  as  advertised, 
although  touch-typists  should 
know  that  we’re  talking  hunt- 
and-peck  here,  not  anything 
you’d  want  to  use  for  routine 
work.  Now  a  stand-alone  prod¬ 
uct,  VKB  showed  me  a  prototype 
embedded  in  a  mobile  phone  that 
will  give  the  technology  a  leg  up  on 


widespread  acceptance. They’re  talking  about 
using  it  on  car  dashboard  displays,  too. 

FUN:  Don’t  know  why  the  check-engine  light  is 
on?  CodeScout  from  AutoXray  plugs  into  a  port 
under  your  dashboard  and  spits  out  the  reason 
in  a  report  you  take  to  your  mechanic.Think  of  it 
as  rip-off  insurance  that  costs  $150. 

WORK:  Browster  CEO  Scott  Milener  says  his 
free  plug-in  for  Internet  Explorer  will  “cut  the 
time  it  takes  you  to  go  through  search  results  by 
50%.”  Believe  him. The  plug-in  —  also  called 
Browster  and  available  at  www.browster.com  — 
lets  you  see  a  quick  preview  page  for  each 
search  resuit  by  simply  running  your  cursor  over 
an  icon.  Like  what  you  see?  Dig  deeper.  Not 
what  you  want?There's  no  need  to  hit  the  back 
button,  just  move  the  cursor  off  the  preview 
pane  and  back  to  the  search  list. 

WORK:  It’s  blogging  for  grown-ups.The 
version-control  and  workflow  capabilities  of 
BlogUnit  Series,  an  appliance  from  WhatCounts, 
will  give  companies  peace  of 
mind  that  their  employee-writ¬ 
ten  blogs  won’t  cause  more 
harm  than  good. 

FUN:  And  perhaps  profit. 
LiveDeal  Local  AdWiz  — 
www.livedeal.com  —  looks  to 
give  bloggers  a  chance  to  turn  a 
buck.  Interesting,  but  don't  give 
up  the  day  job. 

Want  to  chime  in  with  your 
thoughts?  The  address  is  buzz@ 
nww.com. 


More  online! 


Couldn't  make  it  to  Demo@15?  Check  out 
our  weeklong  coverage. 

DocFinder:  5950 


analyst  at  Datamonitor.  Admit¬ 
tedly,  the  growth  is  not  as  strong 
as  analysts  expected  a  couple  of 
years  ago,  he  says.  But  IT  spend¬ 
ing  is  loosening  up,  and  vendors 
are  a  bit  smarter  in  mapping 
their  products  and  services  to 
the  needs  of  customers.  “Com¬ 
panies  aren’t  as  skeptical  as  they 
were  before,”  Hong  says. 

Customers  know  the  technol¬ 
ogy  works,  agrees  Bill  Meisel, 
president  of  TMA  Associates,  a 
speech  consulting  firm.  While 
some  of  the  first  speech  applica¬ 
tions  simply  replicated  the 
touch-tone  applications  they 
were  replacing  with  speech  com¬ 
mands,  essentially  giving  callers 
the  same  list  of  options,  today’s 
systems  are  much  more  sophisti¬ 
cated  in  what  they  can  do,  he 
says.  For  example,  voice  applica¬ 
tions  can  tweak  their  instruc¬ 
tions  if  a  caller  is  recognized  as  a 
repeat  customer  who  could  take 
advantage  of  service  shortcuts, 
Meisel  says. 

“Today,  with  speech  recogni¬ 
tion  you  can  have  a  much  more 
flexible  conversation  than  you 
could  with  touch-tone,  and  peo¬ 
ple  will  accept  that  as  an  alter¬ 
native  to  waiting  for  an  agent,” 
Meisel  says.  “I  don’t  hear  cus¬ 
tomers  saying  they’re  afraid  it 
won’t  work.  Now  they’re  saying 
it’s  kind  of  expensive.  That’s  a 
very  important  transition.” 

While  today  there’s  a  depen¬ 
dence  on  professional  services 
—  which  drives  up  implementa¬ 
tion  costs  —  that  will  shrink  as  IT 
staff  members  learn  the  art  of  de¬ 
signing  voice  user  interfaces  and 
fine-tuning  grammar.  It’s  a  natural 
evolution  of  the  technology, 
Meisel  says. 

Meanwhile,  some  companies 
turn  to  hosted  IVR  options  to 
avoid  the  sticker  shock  of  imple¬ 
menting  speech  technology  in- 
house,  Hong  says.  Vendors  offer¬ 
ing  hosted  voice  applications 
and  services  include  Angel.com, 
which  will  announce  at 
SpeechTek  the  addition  of  call 
routing  features  to  its  service; 
BeVocal;  Convergys  and  Telime 
Networks.  ■ 


Correction 


*  The  story  "Demo®  15  spot- 
|  lights  security"  (Feb.  14,  page  44) 
should  have  stated  that  Blazent 
3.0  pricing  starts  at  S300.000. 


HU  NotworkWorid 

2/21/05 

lews 

www.nwfusion.com 

RSA  event  sets  up 
malware  war 

■  BY  ELLEN  MESSMER 

SAN  FRANCISCO  —  When  Microsoft  Chief  Software  Architect  Bill 
Gates  used  his  keynote  address  at  last  week’s  RSA  Conference  to  tout 
his  company’s  snowballing  initiatives  around  anti-spyware  and  anti¬ 
virus  software,  the  message  was  met  cautiously  by  customers,  and  dis¬ 
missed  by  competitors. 

“I  couldn’t  care  less  what 
Microsoft  does,”  said  Symantec 
CEO  John  Thompson  during  a 
roundtable  discussion.  “I  care 
what  customers  think.”  As  for 
Gates’  pledge  to  provide  con¬ 
sumers  free  anti-spyware  protec¬ 
tion,  Thompson  added,  “You  get 
what  you  pay  for.” 

Symantec  next  month  plans  to 
include  spyware  protection  in  its 
AntiVirus  Corporate  Edition  10 
and  Symantec  Client  Security 

Microsoft  says  5  million  people 
have  downloaded  its  free  beta  of 
AntiSpyware.  The  company  plans 
another  beta  before  July  and 
expects  to  have  a  final  version  out 
in  the  fall,  said  Gytis  Barzdukas, 
director  of  product  management, 
security  business  and  technology 
While  the  stand-alone  version  is 
expected  to  be  free,  a  separate  cor¬ 
porate  version  with  management  features  for  monitoring,  analysis  and 
policy  controls,  is  scheduled  to  be  introduced  later  this  year  at  a  price 
yet  to  be  determined. 

As  for  a  corporate  Microsoft  anti-virus  product  line,  it’s  expected  to  be 
based  on  the  Sybari  Software  technology  Microsoft  is  in  the  process  of 
acquiring,  Barzdukas  said.  Sybari’s  Antigen  scanning  technology  sup¬ 
ports  several  vendor-scanning  engines,  although  not  the  largest  — 
those  from  McAfee,  Trend  Micro  and  Symantec.  Microsoft  “will  give 
them  the  opportunity  to  be  integrated  into  the  Sybari  scanner” he  said. 

Conference  attendees  had  mixed  reactions  to  the  Microsoft  push. 

“If  you  listen  to  Bill, all  we  have  to  do  is  wait  a  couple  of  months  and 
all  our  problems  will  be  solved,”  said  Tom  Jones,  director  of  security  at 
California’s  Department  of  Health  and  Human  Services,  and  a 
Symantec  customer.  “But  most  of  our  problems  seem  to  come  from 
Microsoft  and  its  patches.”  He  said  he  tried  the  Microsoft  AntiSpyware 
beta  software  and  wasn’t  impressed.  In  a  test  with  a  fully  patched 
Windows  desktop  machine  running  AntiSpyware,  it  was  still  hit  with 
more  than  150  adware  programs  and  a  few  Trojans  he  would  have 
expected  to  be  blocked,  Jones  said. 

However,  Michael  Asante,  chief  security  officer  at  American  Electric 
Fbwer,  which  uses  anti-virus  software  from  Trend  Micro  and  McAfee, 
said  Microsoft  could  potentially  provide  an  “integrated  approach”  that 
he  would  consider  adopting. “We  use  other  products  but  we  are  evalu¬ 
ating  Microsoft’s  approach,”  he  said. 

One  likely  outcome  is  that  “Microsoft  is  going  to  make  prices  drop” 
for  anti-virus  protection, said  Gartner  analyst  John  Pescatore. 

Gates  also  said  Microsoft  intends  to  fight  phishing  through  a  new  edi¬ 
tion  of  Internet  Explorer.  Gates  said  the  updated  browser,  IE  7.0,  will 
guard  against  URL  re-direction.  It  is  scheduled  to  be  in  beta  in  early 
summer  for  use  with  Windows  XP  SP2. 

Also  at  the  conference,  Cisco  CEO  John  Chambers  used  his  keynote 
to  formally  unveil  Cisco’s  new  line  of  intrusion-prevention  systems. 
Chambers  told  attendees  that  Cisco  is  betting  the  bank  on  designing 
“self-defending  networks”  where  security  measures  against  most  types 
of  attacks  will  be  countered  automatically  rather  than  manually 

He  also  said  Cisco  will  “acquire  aggressively  and  partner  aggressive¬ 
ly”  to  provide  security  and  availability  for  IP-based  systems.  ■ 


Symantec  CEO  John  Thompson 
had  this  advice  for  users  of  free 
anti-spyware:  “You  get  what  you 
pay  for.” 


Microsoft 

continued  from  page  1 

would  be  used  to  orchestrate  the 
provisioning  and  other  identity 
services  across  multiple  systems. 

Observers  say  Microsoft’s  intent 
is  to  centralize  some  identity  ser¬ 
vices  and  make  it  easier  to  deploy 
its  identity  platform  by  reducing 
the  amount  of  integration  end 
users  must  do  and  giving  devel¬ 
opers  one  point  where  they  can 
tie  their  applications  to  the  iden¬ 
tity  platform. 

They  also  say  Microsoft  hopes 
to  build  a  cohesive  package 
around  its  enterprise  identity  plat¬ 
form,  Web  services  development 
tools  and  standards  support,  and 
personalized  identity  services  it  is 
creating  in  its  forthcoming 
Longhorn  operating  system, set  to 
begin  shipping  in  2006. 

Microsoft  officials  would  not 
comment  on  their  future  plans 
for  the  identity  platform. 

The  restructuring  comes  as 
Microsoft  is  battling  rivals  IBM, 
Sun  and  others  who  have  put 
together  tightly  integrated  iden¬ 
tity  suites  at  a  time  when  identity 
management  has  become  a  cor¬ 
porate  hot  button. 

“Microsoft  has  an  impressive 
amount  of  stuff  to  deal  with,  but  it 
is  not  integrated,” says  one  source 
who  asked  not  to  be  identified. 
“The  issue  is  not  developing 
more  technology’ 

While  the  MI1S  change  is  not  set 
in  stone,  it  would  dramatically 
change  the  capabilities  of  the 
operating  system.  For  example, 
the  integration  would  let  users 
reset  passwords  across  all  Micro¬ 
soft  and  other  platforms  from 
their  Windows  desktops.  Today 
users  deploy  MI1S  or  purchase 
third-party  software  to  handle 
those  services. 

The  catch  is  that  while  corpo¬ 
rate  users  would  get  the  provi¬ 
sioning  engine  in  the  operating 
system,  they  would  have  to  buy 
the  connectors  to  link  the  operat¬ 
ing  system  capabilities  to  other 
platforms,  including  directories, 
databases  and  applications  such 
as  Lotus  Notes  and  SAP 

Bill  Gates,  Microsoft’s  chief  soft¬ 
ware  architect,  referred  to  MI1S  in 
his  keynote  address  last  week  at 
the  RSA  Conference  in  San 
Francisco  as  a  key  element  of  the 
vendor’s  identity  strategy  “You  go 
to  one  place,  and  that  informa¬ 
tion  is  propagated  in  the  right 
way  across  the  different  places  it 
should  be,”  he  said. 

Microsoft  also  is  planning  to 
add  workflow  services  in  the 
operating  system,  most  likely  with 
Longhorn,  using  a  technology 


Puzzle  pieces 

Microsoft  is  again  shuffling  its  identity  platform  with 
the  hope  of  driving  features  such  as  provisioning  and 
workflow  directly  ino  the  operating  system.  Today,  those 
services  happen  on  different  servers.  Microsoft  also  is 
hoping  to  add  a  new  personal  identity  system  into  the 
Longhorn  version  of  the  operating  system. 


Technology 

Description 

Microsoft  identity 
Integration  Server 

Metadirectory,  account  provisioning, 
password  synchronization. 

Windows 

Orchestration  Engine 

Workflow  orchestration  technology  that 
will  be  used  in  the  identity  platform. 

Passport 

Yes,  that  Passport.  Despite  rumors  of 
its  death,  Microsoft  is  planning  an 
enterprise  twist  for  the  much-maligned 
identification  system. 

Info  Card 

XML-based,  user-controlled  identity 
card  for  authentication  in  personal 
communication,  data  sharing  or 
application  access. 

under  development  called  Win¬ 
dows  Orchestration  Engine 
(WinOE).Work  to  include  WinOE 
in  MIIS  and  other  Microsoft  soft¬ 
ware  is  already  underway 

“Today  you  have  to  purchase 
multiple  products  to  make  all  this 
happen,” says  a  source  who  asked 
not  to  be  named.  “But  in  the 
[operating  system]  you  would  get 
it  for  free  and  other  applications 
could  use  those  services.” 

While  all  this  integration  could 
be  years  down  the  road,  it  dove¬ 
tails  with  identity  services  Micro¬ 
soft  is  set  to  release  by  year-end  in 
the  next  version  of  Windows 
Server,  dubbed  R2. 

R2  includes  Active  Directory 
Federation  Services  (ADFS), 
which  lets  user  identity  informa¬ 
tion  one  company  supplies  be 
used  to  gain  access  on  partner 
networks. 

Adding  single  sign-on 

ADFS  will  eventually  provide 
the  Web  single  sign-on  capabili¬ 
ties  that  Microsoft’s  identity  plat¬ 
form  currently  lacks,  and  it  is  the 
foundation  of  Microsoft’s  adop¬ 
tion  of  Web  services  security 
protocols  in  Windows,  such  as 
WS-Federation  and  the  Security 
Assertion  Markup  Language 
(SAML). 

The  federation  services  will  in¬ 
tersect  with  personalized  identity 
services  Microsoft  is  developing, 
including  a  revival  of  Passport 
with  a  focus  on  corporate  users, 
sources  say 

Passport  was  Microsoft’s  first 
pass  at  developing  a  single  sign- 
on  service,  but  bugs,  privacy  con¬ 
cerns  and  dwindling  support 
caused  its  demise. 

Sources  say  Microsoft  is  devel¬ 


oping  an  MIIS  connector  to  syn¬ 
chronize  Passport  with  corporate 
directories.  The  idea  is  that  com¬ 
panies  could  set  up  their  own 
Passport  hubs  to  store  their  user 
information  without  any  Micro¬ 
soft  involvement  and  use  ADFS  to 
federate  their  hub  with  their  part¬ 
ners’  Passport  hubs. 

Personalization  would  be 
rounded  out  using  the  client- 
side  Identity  System  and  Infor¬ 
mation  Card  being  developed 
for  Longhorn.  The  Information 
Card  technology  is  the  exact 
opposite  of  Passport’s  design  in 
that  users  are  in  control  of  their 
personal  information  and  how  it 
is  shared. 

The  cards  could  be  used  in 
peer-to-peer  relationships, 
including  validating  e-mail 
senders,  or  as  a  single  sign-on 
control.  The  cards  also  could 
secure  access  control  and  com¬ 
munication  between  a  user  and 
a  company,  and  between  depart¬ 
ments  or  organizations. 

Microsoft  plans  to  tie  the 
Identity  System  into  its  larger  Web 
Services-based  federated  identity 
initiatives. 

The  vendor  hopes  to  make  the 
cards  cross-platform,  but  critics 
say  the  key  will  be  if  Microsoft 
supports  other  federation  stan¬ 
dards,  including  the  SAML  and 
the  Liberty  Alliance’s  similar  user¬ 
centric  identity  model.  ■ 
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Mergers 

continued  from  page  1 

Qwest  did  not  say  if  the  modi¬ 
fied  bid  would  be  higher  than  its 
$8  billion  initial  offer. 

The  reasons  for  the  interest  in 
MCI  are  the  same  as  those  cited  in 
the  $16  billion  SBC/AT&T  mar¬ 
riage  earlier  this  month:  an  instant 
influx  of  high-ticket  large  en¬ 
terprise  customers;  national  and 
global  infrastructure;  and  a 
wealth  of  IP  assets  upon  which  to 
generate  new  services  and  new 
service  revenue. 

“The  deal  is  strategic,  simple, 
straightforward  and  compelling,” 
says  Verizon  Chairman  and  CEO 
Ivan  Seidenberg,  who  adds  it  will 
accelerate  Verizon’s  $250  million 
Enterprise  Advance  initiative.  MCI 
Chairman  and  CEO  Michael  Ca- 
pellas  says  “there  is  no  question, 
our  future  is  brighter  together!’ 

Capellas  also  says  it’s  what  cus¬ 
tomers  want:  “simplified  delivery, 
one-stop  shopping  and  one  point 
of  contact.” 

They  also  want  competitive 
prices,  which  typically  requires 
more  competitors.  But  the  effect 
this  recent  consolidation  has  on 
pricing  “remains  to  be  seen,”  says 
George  Laskaris,  executive  direc¬ 
tor  of  NJEDge,  New  Jersey’s 


I  FCC  could  force  requirements  on  merged  companies 

IT 


l  he  FCC  could  play  a  significant  role  in 
shaping  the  futures  of  SBC/AT &T  and 
Verizon/MCI  by  requiring  specific  net¬ 
work  construction,  says  a  former  FCC 
chairman. 

In  considering  approvals  for  the  proposed 
mergers,  the  FCC  could  attach  require¬ 
ments  about  their  use  of  technology,  says 
Reed  Hundt,  who  was  chairman  of  the  FCC 
when  the  Telecommunications  Act  of  1996 
was  passed. 

"The  most  obvious  one  would  be  a  condi¬ 
tion  to  require  investment  in  broadband," 
Hundt  says.  The  U.S.  lags  behind  other 
countries  in  Asia  and  Europe  in  broadband 
deployment,  which  could  be  considered  a 
competitive  disadvantage.  The  U.S.  isn't 
even  on  the  list  of  the  20  countries  with  the 
highest  percentages  of  households  with 
DSL  lines,  according  to  the  most  recent 
DSL  Forum  count. 

“The  obvious  thing  for  any  government  to 
require  is  that  [SBC  and  Verizon]  at  their 
new  huge  size,  free  from  the  burden  of 


competition  in  the  local  market,  would  plow 
more  money  into  broadband,"  he  says. 

The  mergers  of  the  two  largest  regional 
phone  companies  with  the  two  largest  long¬ 
distance  providers  isn’t  what  legislators 
had  in  mind  when  they  wrote  the  telecom 
act,  and  some  blame  the  FCC. 

“The  FCC’s  decisions  are  causing  compa¬ 
nies  to  merge  and  will  result  in  fewer  com¬ 
petitors  in  the  marketplace  —  and  that’s 
bad  news  for  consumers,  high-tech  work¬ 
ers,  manufacturers,  and  the  prospects  for 
further  innovation,"  says  Rep.  Ed  Markey 
(D-Mass.),  who  helped  write  the  1996  law. 

“The  idea  of  the  1996  Telecom  Act  was 
that  the  big  long-distance  companies  would 
compete  against  the  local  Bells  in  the  local 
market  and  the  Bells  would  compete 
against  the  big  long-distance  companies  in 
long-distance,"  Hundt  says. 

In  addition,  new  competitive  local  carriers 
would  spring  up  to  create  even  more  com¬ 
petition  for  local  phone  service,  boosting 
choice  and  driving  down  cost. 


But  recent  FCC  rules  on  how  much  com¬ 
petitors  must  pay  to  the  big  local  carriers 
to  lease  phone  lines  and  switching  — 
known  as  UNE-L  and  UNE-P  —  have 
essentially  made  it  impossible  to  mount 
viable  local  competition,  Markey  says. 

He  also  says  regulation  essentially  forced 
AT&T  and  MCI  into  seeking  partners  that 
own  vast  local  networks.  “This  combina¬ 
tion,  much  like  the  recently  announced 
merger  between  AT &T  and  SBC,  would 
have  been  unnecessary  until  the  FCC 
issued  a  series  of  decisions  which  closed 
the  door  on  the  long-distance  industry's 
ability  to  compete  in  the  local  residential 
telecommunications  marketplace,"  he  says. 

Hundt  says  the  blame  falls  on  outgoing 
FCC  Chairman  Michael  Powell.  “He  put  the 
kibosh  on  UNE-P  and  he  altered  the  pricing 
for  UNE-L  and  did  a  number  of  other  things 
to  discourage  the  long-distance  companies 
from  making  necessary  investments  [in 
local  networks],"  he  says. 

—  Tim  Greene 


statewide  higher-education  net¬ 
work  and  a  Verizon  customer. 
“There  can  still  be  considerable 
competition  between  those  [car¬ 
riers]  ,”  which  would  keep  prices 
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low,  he  says. 

“There  is  the  opportunity  for 
MCI  and  Verizon  to  create  a  win- 
win  scenario,  but  the  jury  is  still 
out  on  how  successful  the  merg¬ 
er  will  be,”  says  Mike  Woods,  CIO 
at  NPC  International,  the  largest 
Pizza  Hut  franchisee  in  the  world 
and  an  MCI  Private  IP  customer. 
Woods  says  there  could  be  short¬ 
term  “adverse  effects”  in  areas 
such  as  network  and  billing  inte¬ 
gration. 

One  of  the  benefits,  according 
to  GMAC  Financial  Services  in 
Detroit,  is  consolidation  of  multi¬ 
ple  contracts  with  myriad  carriers 
scattered  across  the  globe.  GMAC 
does  business  in  41  countries. 

“We  have  contracts  with  all  of 
them,”  says  Arvind  Sabharwal, 
director  of  global  computing  and 
telecommunications  for  the  $20 
billion  financing  subsidiary  of 
automotive  giant  GM.“We  will  be 
able  to  consolidate  some  of  our 
contracts  and  increase  our  vol¬ 
umes  with  fewer  players.” 

Stable  players 

Sabharwal  also  believes  the 
shakeout  leaves  a  set  of  finan¬ 
cially  stable  players  that  can  pro¬ 
vide  a  consistent  array  of  telecom 
services  and  end-to-end  global 
reach.  He  says  that  during  the  tele¬ 
com  bubble  GMAC  Financial 
Services  and  other  large  corpora¬ 
tions  were  concerned  about  the 
future  shape  of  the  industry  — 
which  companies  would  survive 
and  which  wouldn’t. 

‘At  least  now  the  consolidation 


is  happening  and  there  will  be 
some  level  of  stability  going  for¬ 
ward,  and  we’ll  know  which  play¬ 
ers  survived  and  who  we  need  to 
deal  with  "Sabharwal  says. 

Though  Sabharwal  is  comfort¬ 
able  with  the  current  level  of  con¬ 
solidation,  any  more  might  be 
detrimental  to  corporations  such 
as  GMAC  Financial  Services.  As 
competition  decreases,  some  ana¬ 
lysts  estimate  pricing  of  business 
telecom  services  —  which  have 
been  dropping  15%  to  20%  annu¬ 
ally  —  might  start  to  climb. 

“Telecommunications  pricing 
has  been  great  for  enterprises.  It’s 
something  we  could  rely  on  or 
expect  as  we  went  through  our 
yearly  cost  reduction  efforts,”  he 
says.  “But  if  there’s  some  further 
consolidation,  that  could  be 
harmful  [on  pricing]  in  the  long 
run.  We’re  being  cautious  about 
that.” 

Consultants  share  that  view. 

“Based  on  the  mergers  that  have 
happened  already  we  don’t  yet 
have  a  threat  to  the  competitive 
situation,”  says  David  Rohde  of 
TechCaliber.  “We  might,  de¬ 
pending  on  what  more  transac¬ 
tions  happen  and  what  kind  of 
regulatory  conditions  come 
about.” 

NJEDge’s  Laskaris  says  the  FCC 
might  intervene  if  telecom  ser¬ 
vice  costs  start  heading  up. 

“It’s  kind  of  like  we’re  going 
back  to  where  we  started  in  this 
industry"  he  says,  a  view  echoed 
by  Jermaine  Mason,  IT  manager 
at  Wilson  Sporting  Goods  in 


Chicago. 

“The  telecom  world  is  going 
back  to  its  old  ways,  but  they 
don’t  want  to  go  too  far  back 
where  the  government  will  tell 
them  what  to  do  with  pricing  and 
break  them  up  again,”  Mason 
says.  “They  have  a  vested  interest 
in  not  raising  prices.” 

Wireless  support 

Wilson  is  an  MCI  WAN  and 
Internet  service  customer  but  gets 
its  wireless  service  from  Cingular, 
which  is  60%  owned  by  SBC  and 
is  in  the  process  of  swallowing  up 
AT&T  Wireless  for  $41  billion. 

MCI  CEO  Capellas  has  made 
several  remarks  about  MCI  need¬ 
ing  to  bring  wireless  into  its  port¬ 
folio  of  services.  If  it  closes  the 
deal  with  Verizon  in  about  a  year 
as  planned,  MCI  will  be  part  of 
the  second-largest  wireless  ser¬ 
vice  provider  in  the  U.S.,  behind 
Cingular/ AT&T  Wireless. 

“The  changes  in  wireless  are 
interesting,”  Mason  says.  “As  a 
Cingular  customer  I’m  wondering 
who  am  I  getting  service  from  and 
where.  It  will  be  interesting  to  see 
what  [Verizon]  will  try  to  offer 
MCI  customers.” 

Qwest  is  not  a  strong  wireless 
player.  The  carrier  resells  the 
Sprint  PCS  nationwide  service.  It 
also  sold  its  in-region  wireless 
assets  to  Verizon  Wireless  last  year 
for  $418  million. 

In  addition  to  wireless  voice  and 
data,  Verizon  brings  a  very  con¬ 
centrated  local  presence  in  the 
See  Mergers,  page  13 
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Northeast  and  Mid-Atlantic  regions,  where 
many  of  the  countries  largest  firms  are 
located.  Verizon  has  6,600  points  of  pres¬ 
ence  in  two-thirds  of  the  100  largest  met¬ 
ropolitan  regions  in  the  country  It  also  has 
53  million  access  lines  and  3.6  million 
DSL  subscribers. 

The  downsides  of  Qwest 

Qwest,  meanwhile,  is  saddled  with 
accounting  problems,  $17  billion  in  debt 
and  the  least  attractive  region  of  any  of 
the  RBOCs  —  14  states,  which  encompass 
the  Rocky  Mountains  and  sparsely  popu¬ 
lated  states  such  as  Wyoming,  Montana 
and  the  Dakotas. 

“It’s  always  been  a  problem  with  their 
region,”  says  Will  Stofega,  an  analyst  at 
IDC.  “They’ve  really  been  working  to  get 
themselves  back  on  the  right  foot,  work¬ 
ing  hard,  but  it’s  like  rolling  a  boulder 
uphill.” 

All  together  now 

Verizon  and  MCI  bring  substantial 

network  assets  to  the  table. 

Verizon 

•  6,600  local  points  of  presence  (POP). 

•  9  million  fiber  miles. 

•  53  million  local  access  lines. _ 

•  3.6  million  DSL  customers. 

Verizon  Wireless 

•  Second-largest  wireless  carrier,  with 
43.8  million  users. 

•  3G  network  deployment. 

MCI  _ 

•  4,500  IP  POPs. 

•  Services  offered  in  140  countries. 

•  100,000-mile  fiber-optic  network. 

•  130  data  centers. 


Verizon  and  Qwest  were  two  of  several 
companies  trying  to  get  on  MCI’s  dance 
card  since  the  interexchange  carrier 
emerged  from  Chapter  1 1  bankruptcy  pro¬ 
tection  in  April  following  the  largest  cor¬ 
porate  accounting  scandal  in  U.S.  history 
Despite  its  problems,  MCI  was  an  attractive 
acquisition  target  for  a  handful  of  reasons, 
including  its  20  million  voice,  data  and 
Internet  access  customers;  one  of  the 
largest  global  IP  networks;  and  about  $4.4 
billion  in  cash  and  debt  of  only  about  $6 
billion,  which  is  considered  low  in  the 
telecom  world. 

It  remains  to  be  seen  if  BellSouth  jumps 
on  the  merger  bandwagon.  It  could 
choose  to  remain  independent  and  focus 
on  its  core  region, which  is  what  BellSouth 
has  done  even  though  it  sized  up  AT&T 
two  years  ago. 

Should  Qwest  lose  its  bid  for  MCI,  ana¬ 
lysts  say  it  could  continue  to  compete 
with  Verizon/MCI  and  SBC/ AT&T  for  enter¬ 


prise  business  in  and  out  of  its  region. 
Qwest  operates  an  OC-192  nationwide  IP 
backbone. 

As  for  Sprint,  its  $35  billion  acquisition  of 
Nextel  makes  no  bones  about  its  intention 
to  focus  on  wireless  —  perhaps  too  much, 
some  suggest. 


“There  is  concern  that  Sprint  is  becoming 
too  focused  on  wireless  and  may  not  be 
investing  enough  in  expanding  its  landline 
services,” says  Lisa  Pierce,  a  vice  president  of 
consulting  at  Forrester  Research. 

TechCaliber’s  Rohde  concursr’Tm  some¬ 
what  disquieted  by  sort  of  the  lack  of  lan¬ 


guage  coming  out  of  top  management 
about  wireline.” 

Other  analysts  say  Qwest,  BellSouth  and 
Sprint  could  form  a  three-way  partner¬ 
ship,  or  individually  link  up  with  a  cable 
company  looking  for  an  installed  base  of 
triple-play  customers.  ■ 
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I  convinced  my  boss  to  get 
this  big  honkin’  collaboration 
infrastructure  only  a  genius 
like  me  could  ever  use. 
Check  it  out  on  my  blog 
at  www.frankwillis.com 

-  Frank  Willis 
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Ipswitch  Collaboration  Suite,  the  solution  for  small 
Collaboration  Suite  and  mid-sized  business  collaboration  that  just  works. 

Use  Microsoft®  Outlook®  or  your  browser  to  connect 
to  a  powerful  industry-leading  messaging  server.  Communicate  in  real  time  with  anyone 
in  your  company  using  secure  instant  messaging.  Streamline  group  collaboration  with 
shared  calendars  and  free-busy  meeting  scheduling.  Reduce  junk  e-mail  and  stop 
viruses.  All  this,  and  Ipswitch  Collaboration  Suite  is  easy  to  install,  manage  and  use. 
Play  it  “safe"  like  Frank.  Or  be  smart.  Go  to  www.  ipswitch  .com  and  find  success 
with  Ipswitch  Collaboration  Suite. 
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mailboxes  worldwide 
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The  ballroom-sized  area  that  sits  next  to  their  underground  silo's  former 
missile  bay  is  where  Don  and  Charlene  Zwonitzer  want  to  set  up  their  dis¬ 
aster-recovery  center. 


Bunker 

continued  from  page  1 

“garage”  door,  where  the  military 
once  backed  in  its  82-foot-long 
Atlas  missile. 

“This  really  is  our  dream  home, 
I’ve  fallen  in  love  with  it,”  says 
Charlene,  an  interior  designer 
and  artist  who  helped  design  the 
silo’s  living  quarters  and  doesn’t 
miss  cleaning  windows.  At  5,000 
square  feet,  the  home  is  the 
smaller  of  the  buried  com¬ 
pound’s  two  underground  struc¬ 
tures. 

There’s  more  to  the  dream. 

The  Zwonitzers  want  to  fill 
15,000  nearly  vacant  square  feet 
of  their  bunker  with  racks  of 
computers  to  provide  a  safe  digi¬ 
tal  haven  for  everyone  from  For¬ 
tune  500  companies  to  family 
businesses  looking  to  secure 
their  data  as  part  of  disaster- 
recovery  or  business-continuity 
plans. 

Underground  campaign 

The  couple  thinks  it  has  the 
perfect  location:  centrally  lo¬ 
cated,  geologically  stable,  away 
from  major  metropolitan  popula¬ 
tions  and  military  targets  and 
secured  with  a  nine-foot  barbed- 
wire-topped  compound  fence 
and  steel  blast  doors. 

Don,  a  warm  man  in  both  his 
demeanor  and  the  cardigan  he 
wears  to  ward  off  the  nip  in  the 
underground  air,  rattles  off  those 
benefits  almost  forgetting  to  add 
that  the  structure  is  the  epitome 
of  physical  security  with  its  two- 
foot-thick  cement  walls  and  ceil¬ 
ings  constructed  with  139,000 
cubic  yards  of  reinforced  con¬ 
crete  and  27,840  tons  of  struc¬ 
tural  steel. 

Kimball  County,  where  cows 
outnumber  humans  four  to  one, 
is  remote,  but  Don  says  access 
abounds  for  potential  tenants. 
The  bunker  is  within  a  few  miles 
of  the  Kimball  Airport  Flight 
Center,  which  accommodates 
small  jets.There  is  the  railroad 
and  a  north-south  Interstate  to 
be  finished  by  2009  that  will 
intersect  1-80  at  a  junction  less 
than  two  miles  from  the 
Zwonitzer’s  home. 

Kimball  has  nine  motels,  and 
the  Zwonitzer’s  property  has  two 
aboveground  mobile  homes  that 
can  serve  as  office  space  or  tem¬ 
porary  housing. 

Cyber  access  also  is  abundant, 
as  the  nearby  Sprint  SONET  ring 
can  provide  72  strands  of  fiber, 
allowing  anything  from  OC-3  to 
OC-192  connections  or  even  a 
direct  link  to  the  ring. 

“This  is  absolutely  fascinating,” 


says  Fred  Wettling,  infrastructure 
architect  for  Bechtel,  about  the 
silo’s  possible  second  life.  In 
1959,  Bechtel  helped  draw  the 
blueprints  for  the  bunker  and 
then  aided  in  its  construction. 

“If  we  still  had  offices  in 
Denver,  this  might  work  fine  as  a 
disaster-recovery  center. The  idea 
has  merit.”  Wettling  says  physical 
security  is  key  but  other  factors 
come  into  play  for  disaster 
recovery 

“You  look  at  any  large  data 
center,  and  air  conditioning  is  a 
big  concern  during  a  power  out¬ 
age,”  he  says.“The  temperature 
can  skyrocket.” 

The  bunker  without  any  inter¬ 
nal  heat  source  stays  at  about  52 
degrees  in  the  winter  and  55  in 
the  summer. The  humidity  is 
under  60%,  which  is  healthy  for 
humans  and  computers,  and  pre¬ 
vents  mold  growth. 

A  hands-on  guy 

Don,  57,  a  retired  electrical 
engineer  with  a  passion  for  com¬ 
puters,  likes  to  showcase  his 
rebuilding  project,  including  a 
sophisticated  filtration  system  to 
keep  the  inside  air  clean  even  if 
there  is  a  nuclear  blast  outside, 
and  the  UPS  he  constructed  for 
the  home  and  will  replicate  in 
the  disaster-recovery  center. 

The  UPS,  which  backs  up  com¬ 
mercial  power  from  the  local  util¬ 
ity  includes  a  diesel-powered  gen¬ 
erator  and  two  banks  of  flooded 
lead-acid  deep-discharge  batter¬ 
ies  configured  at  24  volts  that  can 
supply  four  days  of  power  on  a 
single  charge. The  couple  also 
keeps  300  gallons  of  fuel  for  the 
generator,  which  gets  three  hours 
of  run  time  per  gallon. 

The  first  UPS  is  backed  by  a 
second  UPS  that  consists  of  eight 
banks  of  batteries  that  can  be 
charged  by  a  second  generator, 
which  is  fueled  by  a  second  300- 


gallon  diesel  reserve,  or  by  wind 
or  solar  power. 

“It’s  redundancy  to  the 
extreme,”  Don  says.“You  never 
know  what  service  is  going  to  go 
awa/ 

One  thing  that  won’t  go  away  is 
the  silo.  Its  two  square  structures, 
Cold  War  relics  that  once  housed 
a  260,000-pound  intercontinental 
ballistic  missile  and  a  launch 
command  center,  sit  side  by  side 
underground,  connected  by  a 
120-foot  culvert-like  tunnel. The 
silo  is  designed  to  withstand  a  1- 
megaton  blast  up  to  1.6  miles 
away  which  is  77  times  the  size 
of  the  bomb  that  leveled 
Hiroshima,  Japan,  in  World  War  II. 

Don  has  turned  the  home  into 
his  personal  workshop  with  sen¬ 
sors  to  warn  of  approaching 
cars  and  interior  motion  detec¬ 
tors  that  automatically  turn  on 
lights  when  someone  enters  a 
room.  He  also  has  installed  a 
surveillance  camera  above¬ 
ground  that  swivels  360  degrees 
and  zooms  to  display  the  out¬ 
side  world  on  a  61-inch  projec¬ 
tion  television  in  the  living 
room. The  camera  is  operated 
by  remote  control  or  by  a  voice- 
activated  computer  named  after 
Hal,  the  inanimate  star  of  the 
movie  “2001 :  A  Space  Odyssey’ 
which  the  Zwonitzers  saw  on 
one  of  their  first  dates. 

The  bunker,  commissioned  in 
1962  and  shuttered  in  1965,  has 
been  a  labor  of  love  for  the  cou¬ 
ple,  who  purchased  it  from  a  sal¬ 
vage  company  for  $40,000  in 
1996.They  spent  two  years  refur¬ 
bishing  the  site  and  another  five- 
and-a-half  years  perfecting  the 
interior  after  they  moved  in. 

What  was  once  infested  with 
darkness,  litter,  twisted  metal,  ver¬ 
min  and  school-boy  graffiti  now 
has  a  bright  kitchen  and  living 
room  with  15-foot  ceilings,  a 
corn-burning  stove  for  heat  and 


a  recreation  room  with  a  pool 
table,  Ping-Fbng  table,  exercise 
equipment,  hot  tub  and  indoor 
waterfall. 

In  2002,  their  daughter  Janelle 
rode  into  the  missile  bay  in  a 
horse-drawn  carriage  and  was 
married  in  front  of  100  guests. 

The  Zwonitzers  are  much  like 
anyone  approaching  retirement 
age.  Don  has  his  home  projects 
and  fiddles  with  Hal,  having  pro¬ 
grammed  him  to  playfully  mimic 
Charlene’s  catch  phrase, “I  just 
love  this  place,”  every  time  some 
decorative  lighting  is  turned  on. 

Charlene,  54,  spends  time  in  her 
sewing  loft  above  the  guest  bed¬ 
room,  where  she  makes  dolls  or 
plays  out-of-date  video  games  on 
an  aging  computer.  She  keeps 
ample  pictures  of  the  couple’s 
four  kids  and  six  grandchildren 
spread  throughout  the  living 
room,  two  bedrooms  and  library 
And  she  gushes  about  establish¬ 
ing  the  disaster-recovery  center,  a 
project  that  could  bring  her  two 
software  engineer  sons  to  live 
on-site. 

“I’d  love  to  have  my  grand- 
babies  around,” she  says. 

She  also  grows  fresh  fruit  and 
vegetables,  having  converted  the 
silo’s  flame  pit,  which  tunneled 
the  missile’s  exhaust  away  from 
the  bunker,  into  a  greenhouse 
that  slopes  on  a  45-degree  angle 
from  30  feet  underground  to  the 
glass  roof  at  ground  level. 

The  bunker  has  a  canning 
kitchen,  pantry  and  monster 
food  supply  that  could  sustain  1 1 
people  underground  for  more 
than  a  year.  There  is  also  a 
16,000-gallon  water  reserve  that 


backs  up  a  well  and  solar-pow¬ 
ered  water  heaters  that  ensure 
hot  showers  at  night. 

Now  the  chore  is  to  make  the 
other  dream  come  to  life. 

Moving  inP 

“People  get  it  as  soon  as  you 
say  ‘missile  silo.’They  know  it’s  a 
hardened  structure,"  says  Don 
Lewis,  CEO  of  EMR4Doctors. 
com,  which  develops  software  to 
manage  medical  clinic  data.The 
Henderson,  Nev.,  company  is 
considering  the  Zwonitzer’s 
bunker  to  establish  a  data  back¬ 
up  and  retrieval  center  for  the 
400  clinics  it  serves. 

Lewis  says  the  Sept.  1 1  attacks 
and  the  recent  tsunami  have 
added  survivalism  into  the  disas¬ 
ter-recovery  picture.“My  biggest 
image  is  still  of  the  World  Trade 
Center  towers  coming  down." 

Another  prospective  tenant,  the 
Texas  company  Digs,  which  man¬ 
ages  data  for  healthcare  facili¬ 
ties,  sees  the  same  physical  bene 
fits. 

“This  makes  sense  to  us,”  says 
Floyd  Godfrey  president  of  Digs. 
“We  had  not  thought  of  anything 
like  this  when  we  were  looking 
for  a  secure  building.” 

While  the  Zwonitzers  are  con¬ 
vinced  they  have  a  diamond  in 
the  rough,  Don  says  what  they 
need  now  is  awareness  to  get  the 
ball  rolling. 

“We  need  someone  to  get  us 
started, someone  to  come  in 
here  and  push  our  button,”  he 
says,  not  ignoring  the  fact  that  he 
is  sitting  in  the  very  room  that  in 
1962  housed  “that”  button,  the 
one  that  fired  the  missile.  ■ 


EBBERS  ON  TRIAL:  Sullivan  admits  his  guilt 

Former  WorldCom 
CFO  Scott  Sullivan 
testified  last  week  that  he 
knowingly  broke  the  law 
in  an  effort  to  mask  the 
company's  dire  financial 
situation,  a  financial  fraud 
that  Sullivan  and  pros¬ 
ecutors  contend  was 
orchestrated  by  former 
CEO  Bernie  Ebbers.  “At 
that  point  in  time,  I  knew 
it  was  wrong  and  I  knew 

it  was  against  the  law,"  Sullivan  said  during  his  seventh  day  of 
testimony  in  Ebbers'  trial.  Although  Sullivan  testified  that  no  other 
executives  were  present  when  Ebbers  made  his  intentions  clear,  he 
also  said  Ebbers  made  it  clear  to  him  and  others  that  meeting  Wall 
Street  expectations  was  paramount.  "He  would  make  comments  to 
me  in  the  presence  of  other  people  that  ‘We'll  just  have  to  get  a  new 
CFO,’ "  Sullivan  said.  "He  said  it  in  a  kidding  way,  but  I  didn't  take  it 
as  a  joke.”  Ebbers  has  maintained  his  innocence  throughout  the 
scandal,  and  his  defense  attorneys  are  attempting  to  portray  Sullivan, 
who  has  already  pleaded  guilty  to  fraud,  as  the  sole  mastermind. 


Ebbers  leaves  Federal  Court  in  New  York  after  a  pre¬ 
trial  hearing.  (AP  photo/Mary  JUtaffer) 
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HAVE  A  GUT  FEEL  FOR  THE  ACQUISITION 
COSTS  OF  LINUX  VS.  WINDOWS?  ■ 
HERE'S  A  DETAILED  ANALYSIS. 
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Source:  BearingPoint,  2004 
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Windows  Server  2003  Full  Support  (24x7):  10%  of  servers  are  Enterprise  Edition,  90%  Standard  Edition 
Red  Hat  Full  Support  (24x7):  100%  of  servers  are  AS  Premium 

Red  Hat  Limited  Support:  10%  of  servers  are  AS  Premium  (24x7),  90%  ES  Standard  (12x5) 

Novell's  SUSE  Linux  (24x7):  10%  of  servers  are  Enterprise  Server,  90%  Standard  Server 


1  YEAR 


3  YEARS 


5  YEARS 


A  recent  study  of  licensing  and  support  costs  conducted  by  BearingPoint, 
a  leading  independent  consulting  firm,  found  that  these  acquisition  costs 
for  Windows  Server™2003  are  comparable  to  Red  Hat  Enterprise  Linux  or 
Novell’s  SUSE  Linux  Enterprise  Server  "despite  the  common  perception  that 
Linux  is  free  or  very  inexpensive."  However,  if  you  require  full  24x7  phone 
support  on  all  servers,  licensing  and  support  for  Windows  Server  2003  can 
cost  up  to  73%  less  than  Red  Hat  Enterprise  Linux*  over  five  years. 

For  the  full  study,  visit  microsoft.com/getthefacts 


•Red  Hat  Full  Support  (24x7)  estimates  based  on  case  where  100%  of  servers  are  Enterprise  Linux  AS  Premium.  Red  Hat  Limited  Support  estimates  are  based  on  case  where  10%  of  servers 
are  Enterprise  Linux  AS  Premium  (24x7  phone  support)  and  90%  are  Enterprise  Linux  ES  Standard  subscriptions  (9  a.m.-9  p.m.  EST  M-F  phone  support).  Windows  Server  estimates 
are  based  on  case  where  10%  of  servers  are  Windows  Server  2003  Enterprise  Edition  and  90%  are  Windows  Server  2003  Standard  Edition  (24x7  phone  support  on  all).  This  study  was 
commissioned  by  Microsoft.  ©  2005  Microsoft  Corporation.  All  rights  reserved.  Microsoft,  Windows,  the  Windows  logo,  Windows  Server,  and  Windows  Server  System  are  either  registered  trademarks 
or  trademarks  of  Microsoft  Corporation  in  the  United  States  and/or  other  countries.  The  names  of  actual  companies  and  products  mentioned  herein  may  be  the  trademarks  of  their  respective  owners. 
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continued  from  page  1 

Other  providers,  including  Bell¬ 
South  and  Global  Crossing,  al¬ 
ready  offer  this  service,  so  AT&T 
will  be  catching  up  here. 

Similarly,  BellSouth  says  later 
this  year  it  will  support  four  class¬ 
es  of  service  in  its  Network  IP  VPN 
service,  something  AT&T,  Sprint 
and  others,  have  today 

On  June  1,  Broadwing  will 
launch  its  Multi-protocol  Label 
Switching  (MPLS)  VPN  service 
which  includes  four  classes  of 
service.  Virtela  has  just  an¬ 
nounced  Ethernet  access  to  its 
VPN  service. 

This  fine-tuning  of  service  offer¬ 
ings  comes  as  IP  VPN  services 
make  gains  on  Layer  2  frame 
relay  as  the  most  popular  form  of 
corporate  networking,  analysts 
say  Network-based  Layer  3  VPN 
services  are  growing  at  30%  per 
year  vs.  low  single-digit  increases 
for  frame  relay  and  ATM  services, 
says  Erin  Dunne,  director  of  re¬ 
search  services  for  Vertical  Sys¬ 
tems  Group. 

U.S.  frame  relay  service  revenue 
actually  will  drop  between  2005 
and  2008  as  IP  VPN  services  rise, 
according  to  an  In-Stat  study  of 
U.S.  IP  VPN  services  called  “High 
Growth  and  Lots  of  Opportunity” 
(see  graphic,  above  right). 

Customers  gradually  will  be 
lured  away  from  Layer  2  frame 
services  to  Layer  3  IP-backbone 
services  as  their  current  network 
contracts  expire  and  their  need 
for  more  fully  meshed  networks 
increases,  says  Henry  Goldberg, 
an  analyst  with  In-Stat.  “IP  VPNs 
with  quality  of  service  guarantees 
are  a  good  solution  for  compa¬ 
nies  that  want  to  integrate  voice, 


video  and  data  on  their  net¬ 
works,”  he  says. 

An  AT&T  IP  VPN  service  with 
four  classes  of  service  lets 
Michael  Baker  Corp., support  Web 
collaboration  and  an  ERP  appli¬ 
cation.  “We  never  would  have 
been  able  to  support  this  over  our 
legacy  network,”  says  Davidson 
Scott,  director  of  IT  architecture 
and  infrastructure  at  the  Moon 
Township,  Pa.,  firm. 

Baker’s  previous  frame  relay 
hub-and-spoke  layout, which  had 
no  QoS  guarantees  for  applica¬ 
tions,  wasn’t  responsive  enough 
for  current  uses,  he  says.The  uses 
included  delay-sensitive  VoIP 
and  about  60  Web  sites  for  engi¬ 
neers  to  collaborate  on  projects, 
Scott  says. 

One  key  difference  between 
Layer  2  services  such  as  frame 
relay  and  ATM,  and  Layer  3  IP 
VPNs  based  on  MPLS  is  that  Layer 
2  requires  a  separate  permanent 
virtual  circuit  (PVC)  to  connect 
each  site  to  every  other  site. 
Carriers  charge  for  these  PVCs, 
which  makes  fully  meshed  net¬ 
works  expensive.  With  IP  VPNs, 
one  access  line  connects  each 
site  to  the  network,  which  routes 
to  all  other  VPN  sites  without  the 
need  or  expense  of  PVCs,  making 
the  Layer  3  service  less  expensive 
in  many  cases. 

A  fully  meshed,  30-site  VPN  for 
Sta-Home  Home  Health  Agency 
in  Jackson,  Miss.,  costs  25%  less 
than  a  hub-and-spoke  frame 
relay  network  that  connects  the 
same  sites,  says  Barry  Davis, 
director  of  IT  at  the  company 
The  BellSouth  service  connects 
the  sites  by  DSL  lines,  which  is 
significantly  less  expensive  than 
frame  links,  he  says.  Two  years 
ago,  128K  bit/sec  frame  circuits 


WAN  options  not  perfect 

While  Layer  2  frame  relay  services  still  dominate  Layer  3 
IP  VPN  WAN  services,  each  has  their  advantages  and 


disadvantages. 

Pros 

Cons 

Frame  relay 

It's  familiar  to  many  customers  so 
requires  no  training. 

Frame  links  can  be  melded  into  IP 

VPNs  if  customers  decide  to  switch. 

Some  customers  feel  Layer  2 
services  are  more  secure. 

Has  higher  overhead  affecting 
throughput. 

Has  slower  top  speeds. 

Adding  sites  requires  more 
time  and  work  than  IP  VPNs. 

jjjjjlP  VPN 

f. '  It 

Fully  meshed  sites  without  extra, 
costly  PVCs. 

Can  be  provisioned  more  quickly. 
Supports  hybrid  access  methods. 

Might  not  offer  QoS  options. 

Might  require  some  training. 
Providers  might  not  have 
peering  for  international  reach. 

C  >| 

Frame  waning 

Frame  relay  is  maintaining 
its  lead  over  IP  VPN 
services,  but  that  will 
shrink  and  frame  revenues 
will  drop  over  the  next 
three  years,  according  to 
a  new  In-Stat  study. 


U.S.  revenues  (in  billions) 


cost  $200  to  $250,  while  384K 
bit/sec  DSL  lines  to  the  VPN  cost 
$139,  he  says. 

Frame  relay  still  might  be  less 
expensive  for  customers  that 
don’t  need  a  meshed  network, 
says  Suzy  Gray  BellSouth’s  direc¬ 
tor  of  next-generation  solutions. 
“But  if  it’s  fully  meshed,  no  wa^’ 
she  says. 

Providers  let  customers  con¬ 
nect  to  their  VPN  networks  via  a 
range  of  access  technologies: 
ATM,  DSL,  Ethernet,  private  line 
and  even  dial-up.  Some  providers 
also  let  customers  create  IPSec 
VPN  tunnels  to  the  carrier  net¬ 
work,  terminate  the  tunnel  and 
then  transport  the  traffic  across 
their  IP  VPN  network. 

This  is  important  to  customers 
that  like  the  familiar  technology 
of  a  frame  relay  port  better  than 
an  IP  port  at  their  sites,  Dunne 
says  “Why  do  they  use  it?  Because 
it’s  already  there,  it’s  their  existing 
access  method,  so  it’s  pretty  trans¬ 
parent  to  the  user,  which  they 
like,”  she  says. 

Some  providers  offer  MPLS  VPN 
services  with  the  option  of  either 
Layer  2  or  Layer  3.  Broadwing 
offers  both,  with  those  customers 
that  don’t  want  to  reveal  their 
Layer  3  routing  information  to 
carriers  likely  to  choose  Layer  2. 
To  provide  a  Layer  3  service, 
Broadwing  and  others  must  enter 
customer  routing  tables  in  virtual 


routers  in  the  carrier  network. 

Some  providers  manage  the 
customer-site  gear,  so  users  never 
have  to  deal  with  the  device  that 
connects  their  sites  to  the  pro¬ 
vider  network.  That  is  the  case  for 
Interior  Architects,  a  San  Fran¬ 
cisco  architectural  firm  that  uses 
Sawis  Communications’  Intelli¬ 
gent  IP  Networking  service.  Sawis 
installs  a  bridge  at  customer  sites. 
The  bridge  lacks  intelligence  to 
prioritize  traffic,  so  Sawis  offers 
service  quality  guarantees  among 
points  of  presence  in  its  own  net¬ 
work,  says  Bryan  Almquist,  the 
firm’s  director  of  IT. 

Sawis  says  it  will  introduce 
more  intelligent  access  devices 
later  this  year,  and  Almquist  says 
he  hopes  that  means  class-of- 
service  guarantees  site-to-site.  In 
the  meantime,  he  is  considering 
adding  separate  traffic  shapers  at 
each  site  to  prioritize  important 
traffic  and  provide  reporting  on 
network  use  by  traffic  type. 

Layer  3  VPN  services  are  giving 
customers  options  they  didn’t 
consider  before.  QoS  availability 
is  making  VoIP  a  consideration 
for  Sta-Home  Health.  The  com¬ 
pany  tried  to  run  VoIP  between  its 
sites  in  1997  using  Micom  gear, 
but  the  quality  of  calls  was  too 
low  when  high  data  traffic  caused 
congestion,  Davis  says.  “At  some 
times  of  day  VoIP  was  perfect. 
Later,  you  could  barely  talk.  We 
got  burned  on  that,”  he  says. 

But  with  service  quality  guaran¬ 
tees  on  the  BellSouth  network,  he 
says  he  might  give  it  another  shot. 
“We’re  looking  at  it  now  to  see  if 
it’s  cost-effective,”  he  says. 

“Layer  3  VPNs  give  you  more 
flexibility,  more  options,”  says 
Zeus  Kerravala,  an  analyst  with 
The  Yankee  Group.  But  he  says 
that  customers  looking  to  carry 
their  VPNs  between  two  carriers’ 
networks  still  have  some  waiting 
to  do. 

Some  U.S.  carriers  have  peered 
their  networks  with  carriers  in 
other  countries  to  expand  the 
reach  of  their  services,  but  that  is 
done  very  seldomly  among  U.S. 
carriers,  Kerravala  says.“It’s  more 
prevalent  in  Europe.  The  prob¬ 
lem  with  U.S.  carriers  is  everyone 
wants  to  own  everything,” 
Kerravala  says. 

However,  he  says  he  suspects 
that  eventually  U.S.  carriers  will 
peer  with  each  other,  which  will 
expand  customer  options.  ■ 
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■  VOIP  ■  WIRELESS  LANS 


VoIP  security  vendors  debut  new  tools 

Bear,  education  programs  seek  to  speed  adoption,  keep  VoIP  networks  out  of  trouble. 


Making  VoIP  safe 


VoIP  promises  high-quality  phone  calls  and  the  possibility  of  blending 
voice  and  data  to  create  richer  conferencing,  but  is  the  technology  as 
safe  from  attack  as  traditional  voice? 


Challenge 

Surges  in  data  traffic  can  diminish 
voice  quality  on  a  converged  LAN. 

Compromised  network  gear  can  leak 
voice  conversations  to  unfriendly 
parties. 

VoIP  traffic  can  have  trouble  getting 
through  firewalls. 


Like  other  parts  of  a  network  infra¬ 
structure,  VoIP  gear  is  susceptible  to 
being  com-mandeered  by 
unauthorized  users. 


Strategy 

Install  routers  that  support  QoS  and  place 
voice  and  daa  gear  on  separate  virtual  LANs 
or  even  separate  LANs. 

Practice  sound  network  security  to  protect 
the  infrastructure,  and  consider  encrypting 
voice  calls  so  even  if  they  are  captured  they 
cannot  be  understood. 

Evaluate  current  firewalls  and  upgrade  to 
one  that  handles  network  address  translation 
problems,  or  use  separate  session  border 
controllers  to  deal  with  the  problem. 

Separate  management  traffic  from  voice 
traffic  to  minimize  the  number  of  devices 
that  have  access  to  VoIP  control  planes  in 
call  servers. 


I  BY  TIM  GREENE 

Vendors  are  rolling  out  gear  dedicated  to 
blP  security  and  at  the  same  time  mount- 
lg  an  IP  network  security-awareness  cam- 
>aign  as  an  additional  way  to  keep  attacks 
cm  crashing  VoIP  networks. 

SecureLogix,  BorderWare  and  NFR  Se- 


Takes 

■  Novell  last  week  rolled  out  a  SuSE 
Linux-based  software  appliance  de¬ 
signed  to  protect  businesses  against 
security  threats.  Novell  Security 
Manager  has  a  Web-based  manage¬ 
ment  interface  and  includes  six  secu¬ 
rity  applications  —  firewall;  VPN  gate¬ 
way;  intrusion  protection,  virus  pro¬ 
tection  and  spam  protection  blocks; 
and  content  filtering.  These  capabili¬ 
ties  let  customers  control  the  traffic 
flow  into  an  organization  and  block 
attacks  on  a  network.  The  VPN  capa¬ 
bility  provides  secure  network  access 
to  remote  users.  With  spam  protec¬ 
tion  blocks,  IT  administrators  can 
select  rules,  patterns  and  thresholds 
to  quarantine  or  report  suspected 
spam.  Security  Manager  sits  at  the 
edge  of  a  network  and  can  protect 
Windows,  NetWare,  Linux  and  Unix 
networks.  Novell  Security  Manager 
starts  at  $315  for  one  server  and  10- 
device  license.  Novell  sells  the  soft¬ 
ware  from  Astaro  on  an  OEM  basis. 

■  Radware  has  added  VPN  support 
to  its  LinkProof  Branch  appliance 

that  shapes  traffic  and  selects  the 
best  path  for  Internet-bound  traffic. 
The  appliance  is  designed  for  sites 
that  have  more  than  one  ISP  feed  to 
■  the  Internet.  It  pings  the  ISP  connec¬ 
tions  and  determines  which  is  the 
best  path  for  traffic  to  take  based  on 
round-trip  latency  and  the  number  of 
router  hops.  The  box  terminates  IPSec 
VPN  sessions,  eliminating  the  need 
for  separate  VPN  appliances  in 
branch  offices.  LinkProof  Branch 
ranges  in  price  from  $5,000  to  $  ;0,000. 


curity  last  week  announced  appliances 
that  filter  VoIP  traffic  to  find  and  drop  mali¬ 
cious  traffic  that  is  indicative  of  attempts  to 
hijack  phone  calls, crash  IP  PBXs  and  flood 
voice  mail  systems  with  junk  messages. 

While  there  is  no  evidence  to  show  an 
increase  in  assaults  against  VolPadvocates 
of  tightened  security  say  that  it  is  just  a  mat¬ 
ter  of  time  before  attackers  craft  exploits 
specifically  to  cripple  voice. 

“We  want  to  provide  enough  information 
to  deter  threats  and  help  customers  plan  to 
deploy  VoIP  securely  says  David  Endler, 
chairman  of  the  VoIP  Security  Alliance,  a 
group  formed  to  spread  the  word  that  gen¬ 
eral  network  security  is  key  to  VoIP  security 
He’s  also  the  director  of  Digital  Vaccine, 
one  of  the  TippingFbint’s  security  products. 
“It  only  takes  one  high-profile  attack  to 
slow  the  adoption  of  VoIP,”  Endler  says. 

The  Tribute  Company  newspaper  and 
television  conglomerate  plans  to  install  a 
SecureLogix  Enterprise  Telephony  Man¬ 
agement  System,  with  its  new  Version  5  soft¬ 
ware  that  supports  VoIP  protection.  “We 
want  to  get  it  installed  and  learn  about 
[VoIP  security]  from  the  outset”  says  Bill 
Rasmussen,  manager  of  telephone  services 
for  the  company 

The  Tribune  Company  which  has  used 
VoIP  for  some  of  its  employees  for  two  and 
a  half  years,  wants  to  avoid  attacks  that 
affect  availability  and  quality  The  Blaster 
worm  hit  the  company’s  network, and  while 
it  didn’t  directly  infect  VoIP  machines,  its  dis¬ 
ruption  of  the  network  turned  message 
lights  on  and  off  on  the  IP  phones. 

The  SecureLogix  software  he  is  buying 
acts  as  a  voice  application  firewall  and 
seeks  denial-of-service  (DoS)  attacks 
launched  via  Session  Initiation  Protocol 
(SIP)  signaling  and  malformed  packets.  It 
looks  for  traffic  patterns  that  indicate  unau¬ 
thorized  use  and  voice  mail  spamming. 

BorderWare  is  introducing  its  own  appli¬ 
ance  designed  to  block  VoIP  attacks.  The 
company  is  releasing  an  appliance  that 
screens  SIRthe  call  setup  protocol  that  VoIP 
gear  uses  most.  Called  SIPassure,  the  com¬ 
pany  describes  it  as  a  SIP  firewall  that  looks 
for  a  range  of  attacks  such  as  attempts  to 
discover  legitimate  IP  phone  addresses  via 
directory  harvesting;  clogging  voice  mail 
systems  with  voice  spam  sent  as  audio 
files;  voice  phishing,  in  which  voice  mails 
urge  users  to  return  calls  and  leave  per¬ 
sonal  financial  information;  and  DoS 
attacks  against  voice  servers. 


SIPassure  also  can  detect  attempts  to 
redirect  calls  to  another  phone,  hijack 
ongoing  calls  and  turn  on  other  phones  so 
they  act  as  a  receiver  of  the  conversations. 

The  equipment  does  this  by  examining 
call  setup  requests  at  the  application  layer. 
If  it  finds  traffic  that  violates  security  poli¬ 
cies  set  on  the  box,  it  can  reject  the  con¬ 
nection.  SIPassure  will  be  available  this 
summer. 

NFR  has  announced  an  appliance  called 
Sentivist  that  also  sorts  through  SIP  traffic 
and  looks  for  malformed  packets  or  traffic 
patterns  that  fall  outside  the  norm  and  cuts 
off  sessions  that  seem  suspicious.  Sentivist, 
which  also  screens  instant-messaging  traf¬ 
fic,  starts  at  $20,000. 

VoIP  security  starts  with  the  network 

The  National  Institute  of  Standards  and 
Technology  recently  issued  a  report  called 
“Security  Considerations  for  Voice  Over  IP 
Systems”  that  details  network  security  con¬ 
siderations  users  must  act  on  to  protect 
their  voice  networks. 

Users  must  consider  voice  an  applica¬ 
tion  running  on  an  IP  network  and  protect 
it  as  they  would  protect  any  other  appli¬ 
cation,  says  Brian  Cincera,  vice  president 
of  security  solutions  for  Greenwich  Tech¬ 
nology  Partners. 


This  is  the  strategy  of  Bank  of  America, 
which  is  rolling  out  VoIP  and  a  security  and 
authentication  infrastructure  at  the  same 
time.  “Our  security  initiative  is  a  separate 
project  from  our  [VoIP]  rollout,  but  it  will 
have  to  work  on  multiple  fronts  with  our 
VoIP  infrastructure,”  says  Craig  Hinkley  the 
bank’s  senior  vice  president  of  network 
architecture  and  strategic  design. 

He  recommends  encrypting  voice  traffic. 
“It’s  unlikely  a  man  in  the  middle  could 
intercept  and  inject  new  words  in  a  con¬ 
versation,  but  with  a  sniffer  could  tap  a  call 
and  post  a  word  file  of  it  online,”  he  says. 
Encrypting  the  call  blocks  this  possibility 
he  says. 

Cincera  recommends  that  VoIP  handsets 
authenticate  to  the  network  to  prevent  IP 
address  spoofing  of  legitimate  phones  to 
gain  access  to  legitimate  VoIP  gear. 

Management  traffic  to  VoIP  servers 
should  run  separately  from  VoIP  signaling 
and  call  traffic  to  prevent  network  users 
from  hacking  the  servers  themselves. 
Cincera  says. 

Properly  implemented  VoIP  is  safe, 
Cincera  says.  “Is  there  an  inherent  security 
flaw  in  VoIP?  The  answer  is  no,”  he  says. 

Network  World  Senior  Editor  Phil 
Hochmuth  contributed  to  this  story. 
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USA:  HP  finds  place  for  virus  throttling 


■  BY  PAUL  ROBERTS 

New  technology  on  servers  and 
switches  from  HP  could  slow 
virus  outbreaks  on  computer  net¬ 
works  that  use  the  HP  products. 

HP  last  week  announced  com¬ 
mercial  implementations  of  tech¬ 
nology  it  calls  virus  throttling  that 
can  slow  the  rate  viruses  and 
worms  spread  in  a  corporate  net¬ 
work.  HP  is  offering  the  virus¬ 
throttling  software  for  ProLiant 
Servers  and  ProCurve  Network¬ 
ing  by  HP  5300  series  switches. 
HP  also  unveiled  the  Security 
Containment  software  suite, 
which  locks  down  software  appli¬ 
cations  that  have  been  compro¬ 
mised,  says  Tony  Redmond,  head 
of  HP’s  Security  Office. 

The  software  delivers  on  tech¬ 
nology  HP  unveiled  last  year  at 
the  RSA  Conference  and  is  part  of 


HP’s  program  to  develop  technol¬ 
ogy  that  keeps  computer  net¬ 
works  operating  in  the  event  of 
fast-moving  attacks.  HP  will  dem¬ 
onstrate  both  technologies  next 
week  at  the  2005  RSA  Conference 
in  San  Francisco,  Redmond  says. 

Virus  throttling  is  a  technology 
developed  at  HP  Labs,  the  com¬ 
pany’s  research  facility  which  can 
spot  systems  on  a  computer  net¬ 
work  that  are  attempting  to  make 
a  large  number  of  network  con¬ 
nections,  a  common  symptom  of 
virus  infection.  After  identifying 
an  infected  system,  the  software 
notifies  administrators  and  auto¬ 
matically  chokes  off,  or  “throttles,” 
outbound  connections  from  it. 
This  keeps  the  system  online,  but 
prevents  the  virus  from  spreading 
rapidly  Redmond  says. 

Virus  throttling  won’t  prevent 
infected  computers  from  com¬ 


municating  with  other  systems  on 
a  network,  but  it  will  keep  them 
from  bogging  down  other  com¬ 
puters  and  applications,  and  let 
legitimate  traffic  circulate. 

“If  you  have  a  mistake  in  your 
firewall  or  [intrusion-detection 
system]  and  a  virus  gets  through, 
it  can  wreak  havoc  in  your  cor¬ 
porate  environment,”  Redmond 
says.  “Administrators  can  find  it 
difficult  to  cope,  trying  to  swim 
upstream  against  a  mass  of 
viruses  that  are  trying  to  connect 
at  hundreds  or  thousands  of  con¬ 
nections  a  minute.” 

The  virus-throttling  feature  is 
available  on  ProLiant  servers 
running  Windows  2000  or  2003 
Server,  as  part  of  the  ProLiant 
Essentials  Intelligent  Network¬ 
ing  Pack,  which  costs  $149.  The 
feature  is  also  available  as  a  free 
download  for  ProCurve  Net¬ 


working  5300  switch  customers 
that  have  active  maintenance 
and  support  agreements.  HP 
says  it  hopes  to  add  the  virus 
throttling  features  to  more  of  its 
switches  in  the  future, 
Redmond  says. 

HP  also  announced  the  HP 
Security  Containment  suite,  a 
software  package  for  systems 
running  the  HP-UX  1 1  iv2  operat¬ 
ing  system.  It  lets  administrators 
create  secure  virtual  environ¬ 
ments  that  prevent  damaged  or 
hijacked  applications  from 
affecting  applications  or  files 
elsewhere  on  the  server, 
Redmond  says. 

The  addition  of  virus-throttling 
features  in  two  products  is  proof 
that  research  done  in  the  HP’s 
labs  can  find  a  quick  path  to  the 
company’s  products,  he  says. 

But  HP  also  has  experienced 


some  hiccups  along  the  way  In 
August,  Redmond  said  virus 
throttling  would  be  challenging 
to  implement  in  diverse  net¬ 
works,  citing  conflicts  with  the 
Windows  operating  system. 

While  the  company  has  ironed 
out  those  problems,  a  second 
technology  that  was  unveiled  at 
last  year’s  RSA  Conference,  dub¬ 
bed  Active  Counter  Measures, 
still  is  being  field-tested  internally 
and  with  HP  customers. 

Active  Counter  Measures  lets 
administrators  find  machines 
even  if  they  are  outside  of  the 
company’s  patch  management 
system  or  “unmapped,”  or  are 
unknown  to  administrators. 
Network  administrators  can  then 
“vaccinate”  vulnerable  machines. 

Roberts  is  a  correspondent  with 
the  IDG  News  Service. 


HP  unleashes  WAN,  LAN,  wireless  product  launch 


\ 

Configuration  rollback 

HP’s  new  7000  series  routers  lets  users  keep  routers  running  in  case  of 
errors  or  maintenance. 


HP  7000  series  WAN  router  in  file  stored  on  the  router, 

a  branch. 

V _ , 


■  BY  PHIL  HOCHMUTH 

HP  this  week  is  expected  to  make  a  three¬ 
pronged  product  launch  to  help  users  add 
lower-cost  WAN  connectivity  to  branch 
offices  and  improve  security  on  wired  and 
wireless  LANs. 

The  first  is  HP’s  ProCurve  7000  series  WAN 
routers,  aimed  at  providing  multiple  carrier 
WAN  links,  with  support  for  VPNs  and  a 
built-in  firewall.  HP  says  it  provides  stan¬ 
dard  WAN  routing  protocols  and  security 
capabilities  that  cost  40%  to  50%  less  than 
competing  Cisco  branch-office  routers. 

Also  on  tap  is  a  new  module  for  the 
ProCurve  5300  series  switches,  which  lets 
every  port  on  the  box  support  WLAN 
switch  features,  such  as  WLAN  client 
authentication,  fast  access-point-to-access- 
point  connection  handoff  and  security  fea¬ 
tures.  Software  that  can  throttle  back  traffic 
speeds  on  network  ports  where  virus-relat¬ 
ed  traffic  blasts  are  detected  is  also  new. 

The  ProCurve  7102dl  and  7203dl,HP’s  first 
WAN  routers,  are  designed  to  run  in  small 
to  midsize  branch  offices  that  connect 
back  to  a  central  site. The  7102dl,  which  is 
comparable  to  Cisco’s  1700  or  2600  series 
routers,  has  two  WAN  interface  slots,  up  to 
128M  bytes  of  memory,  and  can  support  a 
maximum  of  fourT-1  links. The  7203dl  has 
three  WAN  slots,  with  support  for  up  to  eight 
T-ls,  and  up  to  256M  bytes  of  RAM.  The 
7203dl  can  be  outfitted  with  a  redundant 
power  supply. 

Both  7000  series  routers  include  a  stateful 
packet-inspection  firewall  and  can  be 
upgraded  to  support  remote  access  or  site- 
to-site  VPNs  via  a  daughtercard.  The  VPN 
acceleration  card  supports  IPSec  VPNs  and 


point-to-point  protocol  tunneling.  Client 
licenses  for  Windows  95,  98,  2000  and  XP 
machines  are  available  in  packs  of  100,  and 
an  unlimited  license  pack  is  also  available. 

With  its  first  router  launch,  HP  joins  other 
switch  vendors,  including  3Com,  Enterasys 
Networks  and  Foundry  Networks,  which 
are  challenging  a  market  long-dominated 
by  Cisco.  Research  from  various  industry 
analyst  firms  shows  that  Cisco  has  between 
80%  and  85%  of  worldwide  revenue  market 
share  for  branch-office  WAN  routers. 

Many  Cisco  router  competitors,  HP 
included,  are  attacking  the  vendor  on 


price.  HP  says  its  $7,900  ProCurve  7203dl 
router  can  offer  equal  WAN  connectivity 
and  firewall  capabilities  as  a  similarly  con¬ 
figured  Cisco  2600,  which  costs  about 
$12,500  —  a  cost  savings  of  about  40%. 
Other  competitors  claim  similar  savings. 

In  addition  to  basic  WAN,  VPN  and  fire¬ 
wall  features,  the  7000  series  also  includes 
management  features,  which  HP  says  are 
unique  to  the  devices.  One  feature  is  the 
ability  to  load  multiple  router  operating  sys¬ 
tem  images  on  a  single  box.This  lets  a  tech¬ 
nician  roll  back  a  router  configuration  to  a 
previous  version  if  something  goes  wrong 


during  a  software  upgrade,  HP  says. 

HP  also  is  releasing  its  virus-throttling  soft¬ 
ware  for  the  ProCurve  5300  switch  as  a  free 
software  update  (see  related  story  above),  j 
The  software  lets  a  switch  recognize  anom-  'y 
alous  traffic  patterns. 

“Viruses  and  worms  like  [SQL  Slammer] 
send  out  TCP  messages  at  over  800  per  sec¬ 
ond, ’’says  John  McHugh,  vice  president  and 
general  manager  of  HP’s  ProCurve  division. 
“Most  applications  don’t  do  that.” 

The  software  on  the  switches  can  be  con¬ 
figured  to  squeeze  bandwidth  on,  or  just 
block,  ports  where  unusual  amounts  of  traf¬ 
fic  are  passing  through.  The  software  then 
reports  the  IP  address  to  an  administrative 
workstation  running  HP’s  ProCurve  Man¬ 
ager  Plus  software,  which  is  used  to  admin¬ 
ister  and  set  security  policies  on  ProCurve 
switches. 

New  hardware  for  the  ProCurve  5300 
switch  includes  the  new  Access  Controller 
Module  (ACM)  .This  blade  provides  the  fea¬ 
tures  of  HP’s  ProCurve  700wl  series  of 
WLAN  gateways:  802.  lx  authentication, 
centralized  WLAN  access  point  configura¬ 
tion,  fast  connection  handoff  for  WLAN 
devices  roaming  among  access  points,  and 
traffic  encryption,  among  other  features. 
The  ACM  blade  lets  any  port  on  a  5300 
switch  support  these  WLAN  switch  func¬ 
tions  when  connected  to  an  access  point. 
HP  says  the  device  can  be  deployed  with 
either  HP  access  points  or  standard  802.1 1 
access  points  from  other  vendors. 

The  7000  series  routers  start  at  $6,500, 
while  the  ProCurve  5300  ACM  blade  costs 
about  $5,500.  Both  products  will  be  avail¬ 
able  in  April.  The  virus-throttling  software 
for  the  5300  switch  is  a  free  upgrade.  ■ 
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(imputing 


Tool  partitions  one  processor  into  1 0 


■  BY  DENI  CONNOR 

Newcomer  Virtual  Iron  Software  last 
week  introduced  virtualization  software 
designed  to  turn  individual  servers  and 
groups  of  machines  into  symmetric  mul¬ 
tiprocessing  systems. 

The  company’s  x86-based  software  dif¬ 
fers  from  virtualization  tools  sold  by 
Microsoft  and  VMware  because  it  not 
only  can  partition  a  single  processor  but 
can  work  across  up  to  16  processors  on 


■  Sun  last  week  at  LinuxWorld 
upgraded  its  Opteron-based 
servers.  The  enhanced  Sun  Fire 
V20z  and  V40z  use  Advanced  Micro 
Device's  new  2.6-GHz  processor.  The 
servers,  which  will  be  available  at  the 
end  of  March,  will  also  be  as  much  as 
20%  less  expensive  than  their  2.4- 
GHz  predecessors.  The  dual-proces¬ 
sor  v20z  starts  at  $2,600;  the  four- 
processor  v40z  starts  at  $7,000. 

■  Xiotech  last  week  rolled  out  an 
entry-level  storage-area  net¬ 
work  that  works  with  Windows, 
NetWare,  Linux,  Unix  and  Macintosh 
host  computers.  The  Magnitude  lOOOe 
has  56  Fibre  Channel  or  Serial 
Advanced  Technology  Attachment 
drives  of  36G-  to  300G-byte  capacity. 
The  system  enables  data  to  be 
stored  on  more  expensive  Fibre 
Channel  drives,  less  expensive  and 
slower  Fibre  Channel  drives  or  inex¬ 
pensive  Serial  ATA  drives.  The  lOOOe 
starts  at  $40,000  for  a  IT- byte  config¬ 
uration.  Fibre  Channel  host  bus 
adapters  and  a  Fibre  Channel  switch 
cost  extra. 

■  PogO  Linux  has  introduced  an 
eight- way  Opteron  server  that 
starts  at  $23,000.  The  Performance- 
Ware  5864  boasts  AMD’s  800  series 
Opteron  processors,  four  onboard 
Gigabit  Ethernet  ports  and  64G  bytes 
of  memory.  The  system  comes  with 
up  to  five  SCSI  hard  drives  and  a 
Linux  CD  set. 


separate  machines  to  handle  application 
workloads. Virtual  Iron’s  software  can  par¬ 
tition  a  single  processor  into  10,  accord¬ 
ing  to  the  company. 

Each  virtual  computer  is  capable  of  run¬ 
ning  a  separate  Novell  or  Red  Hat  Linux 
instance,  and  because  it  is  isolated  from 
other  operating  systems  can  dynamically 
draw  from  a  common  pool  of  computing 
resources  such  as  memory  processors, 
disk  and  network  I/O.  The  company  says 
this  is  more  efficient  than  running  a 
bunch  of  single-function  servers. 

The  software  includes  VFe  Foundry, 
which  separates  applications  from  under¬ 
lying  hardware  and  operation  system  soft¬ 
ware.  This  secures  the  applications,  pro¬ 
tecting  them  from  disruptions  from  other 
applications,  the  company  says. 

Policy  and  management  software, 
dubbed  VFe  Manager,  lets  IT  managers 
set  QoS  requirements  and  remotely 
manage  virtual  computers  on  a  net¬ 


work,  re-provisioning  resources  to  appli¬ 
cations  as  necessary  using  pre-written 
scripts  or  programs. 

“It  is  potentially  advantageous  to  virtu¬ 
alize  across  systems  at  a  low  level,  rather 
than  virtualize  one  system  at  a  time  and 
then  tie  it  together  with  higher-level  soft¬ 
ware,”  says  Gordon  Haff,  senior  analyst  for 
consultancy  Illuminata. 

However,  he  says  that  latency  could  be  a 
concern. 

“Creating  virtual  [symmetric  multipro¬ 
cessing  servers]  from  multiple  systems 
across  a  fabric  raises  some  real  questions 
about  performance,”  he  says.“Latency  and 
communications  time  is  much  greater 
over  a  system-to-system  link,  even  Infini¬ 
Band,  than  within  a  single  box.” 

The  product,  which  is  scheduled  to  ship 
in  the  second  quarterns  now  in  beta  tests. 
It  will  be  priced  based  on  the  number  of 
virtual  servers  created.  The  management 
software  will  be  priced  separately  ■ 


PROFILE:  VIRTUAL  IRON 
SOFTWARE  (formerly  Katana 
Technologies) 

Location:  Acton,  Mass. 

Founded:  March  2003 

Business:  Virtualization  software 

Founders:  Scott  Davis,  strategy  and 
corporate  development,  and  CTO 
(previously  with  Mangosoft);  Alex 
Vasilevsky,  EVP  technology  and 
architecture,  and  chief  scientist 
(previously  with  Ucentric  Systems). 

Funding:  $20  million  from  Highland 
Capital  Partners,  Matrix  Partners  and 
Goldman  Sachs. 

Employees:  35 

Notable  fact:  CEO  and  President 
JohnThibault  ran  unsuccessfully  for 
the  Massachusetts  Senate. 

Novell  targets  healthcare  with  new  workstation 


Novell  was  really  stretched  last  week 
with  a  major  presence  at  both 
LinuxWorld  on  the  East  Coast 
and  the  RSA  Conference  on  the  West 
Coast.  Most  major  announcements  were 
released  simultaneously  at  both  shows, 
and  most  got  more  attention  at  Linux¬ 
World  because,  well,  Jack  Messman  and 
crew  are  the  darlings  of  the  fans  of  the 
open  source  operating  system.  But  there 
was  one  announcement  that  stood  out,  at 
least  to  me,  because  it’s  a  product  I’ve 
hoped  for  and  users  have  asked  for:  It’s 
the  Novell  Clinical  Workstation,  and  it 
promises  to  not  only  make  life  easier  for 
the  users  but  make  a  longer  life  possible 
for  many  people. 

If  you’ve  ever  been  in  the  hospital, 
you’re  probably  familiar  with  the  clip¬ 
board  attached  to  the  bottom  of  the  bed 
containing  every  detail  of  your  condi¬ 
tion,  diagnosis,  prognosis,  vital  signs  and 


other  relevant  information.  If  you’ve  ever 
tried  to  read  one,  you  found  out  why 
doctors  have  a  reputation  for  poor  hand¬ 
writing.  More  than  one  patient  has 
received  the  wrong  medication  or  treat¬ 
ments  because  something  on  the  chart 
was  read  wrong.  For  a  long  time,  what 
hospital  IT  managers  have  advocated 
was  a  tablet-like  computer  interface  to 
the  hospital’s  central  records  so  that  accu¬ 
rate,  readable  information  was  always 
available. 

Privacy  was  the  major  drawback  to 
implementing  this,  and  regulatory  issues 
such  as  those  in  the  Health  Insurance 
Portability  and  Accountability  Act 
impose  draconian  penalties  for  violating 
privacy.  Strong  passwords  don’t  work 
because  the  doctors  and  nurses  can’t 
be  bothered  to  wait  to  log  on  at  every 
bed  they  visit  (and  always  forget  to  log 
out.it  seems).  In  practice,  people  would 
share  passwords,  leave  accounts  logged 
on  and  in  many  ways  violate  every  tenet 
of  security  the  network  manager  tried  to 
implement. 

Enter  Novell  Clinical  Workstation, 
which  uses  Novell  eDirectory-enabled 
technology  to  utilize  biometric  authenti¬ 
cation,  and  the  use  of  tokens  such 
as  proximity  cards  to  quickly  and  effi¬ 
ciently  log  on  users  —  and  just  as  effi¬ 


ciently  log  them  out  when  they  move  on. 

There’s  a  lot  more  to  it,  of  course  —  see 
www.novell.com/healthcare  for  more 
details  —  but  to  finally  see  something 
I’ve  hoped  for  come  to  fruition  from  a 
company  that  1  know  can  handle  the 
technology  well,  that’s  a  really  great  feel¬ 
ing.  Now  if  only  new  Marketing  Vice 
President  Bill  Hewitt  (he  come  over 
from  PeopleSoft)  can  get  the  word  out  to 
those  who  need  to  know. 

Kearns,  a  former  network  administrator, 
is  a  freelance  writer  and  consultant  in 
Silicon  Valley.  He  can  be  reached  at 
wired@uquill.  com. 


Tip  of  the  Week 


Novell  also  made  possible 
more  secure  open  source 
products  by  releasing  new, 
more  secure  interfaces  to 
eDirectory  for  use  by  the 
Samba  and  OpenRADiUS 
working  groups  (see  www. 
nwfusion.com,  DocFinder: 
5935). 
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Cutting  the  cord  on  thin  clients 


■  BY  JOHN  COX 

Thin  clients  were  once  as  chained  to  the  corporate 
desktop  as  full-blown  PCs.  But  that’s  changing  now 
as  wireless  LANs  and  3G  cellular  networks  become 
more  common. 

Using  both  types  of  wireless  networks,  end  users  can 
have  a  relatively  simple,  diskless  notebook-style  or  hand¬ 
held  device  that  connects  securely,  often  via  a  Web  inter¬ 
face,  to  their  full  suite  of  enterprise  applications  running 
on  centrally  managed  server  farms. 

The  benefits  are  extensive: 

•  Minimal  or  no  application  development  for  mobile 
computing. 

•  Data  remains  on  servers,  not  on  clients  that  can  be 
lost  or  stolen. 

•  Software  updates  are  made  on  a  few  servers,  not  on 
many  clients. 

•  Real-time  access  to  enterprise  data  for  mobile 
workers. 

A  number  of  recent  developments,  besides  better  wire 
less  connections,  are  fueling  interest  in  wireless  thin 
clients.  One  is  the  growing  use  of  operating  systems  tai¬ 
lored  for  thin-client  devices,  especially  Windows  XP 
Embedded  (XPE).  But  lightweight  Linux  variants  also 
are  cropping  up. 

Other  developments  include:  the  growing  sophistica¬ 
tion  of  display  technology;  the  ease  with  which  a  grow¬ 
ing  number  of  peripherals  can  be  used  by  thin  clients, 
via  USB  and  other  high-performance  interfaces;  a  new 
breed  of  thin  clients  designed  for  wireless  deployments, 
including  products  from  HRMaxspeed,  Neoware, Wyse 
Technologies  and,  most  recently,  Motion  Computing. 

Motion  executives  discovered  that  some  of  the  health¬ 
care  customers  for  the  company’s  line  of  tablet  PCs,  run¬ 
ning  Windows  XP  Tablet  PC  Edition,  were  configuring 
the  devices  as  thin  clients  —  with  no  local  data  storage 
—  linking  to  Citrix  servers. 

“The  evolution  of  wireless  nets  was  now  allowing  the 
bandwidth  for  thin-client  sessions  to  work  efficient^’ 
says  Peter  Hunt,  vice  president  of  the  value-added  prod¬ 
ucts  division  for  the  Austin, Texas  company. “So  we 
thought  of  using  the  existing  hardware  platform  but 
using  Windows  XP  Embedded  as  the  operating  system, 
freezing  the  software  image  of  the  device  into  a  much 
smaller  footprint  and  using  a  flash  RAM  drive  instead  of 
a  spinning  hard  drive.” 

Motion  released  the  M1400TC  Table  Client  in  January, 
priced  at  about  $l,650.The  tablet  boasts  handwriting  sup¬ 
port,  a  wide  viewing-angle  display  screen  and  a  built-in 
fingerprint  reader.lt  has  a  10/100M  bit/sec  Ethernet  inter¬ 
faces  PC  Card  slot,  two  USB  ports  and  an  802.1  lg/b 
WLAN  adapter. 

Familiar  middleware 

If  much  of  the  client  technology  is  new,  the  core  mid¬ 
dleware  components  of  a  wireless  thin-client  deploy¬ 
ment  are  not. They’re  the  same  as  those  used  in  con¬ 
ventional  thin-client  desktops.  Citrix  Systems  is  the 
leader  in  this  area,  with  its  suite  of  software  built 
around  its  MetaFrame  server  Independent  Computing 
Architecture  (ICA)  protocol  for  client-to-server  com¬ 


munications.The  most  recent, and  renamed,  release  is 
Citrix  MetaFrame  Presentation  Server  3.0.  Rivals 
include  Microsoft  Windows  Server  2003  Terminal 
Services, Tarantella’s  Secure  Global  Desktop,  Jetro 
Platforms’  CockpIT  and  BoostIT,  and  HOB’s  HOBlink 
JWT  Java  software. 

Microsoft  Terminal  Services  runs  server-based  Win¬ 
dows  applications,  sharing  them  with  multiple  users. 


This  clients  go  mobile: 
Broadband  wireless 
links  and  sophisticated 
client  devices  are  mak¬ 
ing  thin  clients  a  viable 
model  for  wireless 
deployments.  Shown  are 
Sierra  Wireless'  Aircard 
580  for  Verizon's  EV-D0 
36  cellular  net,  with 
300-500K  bit/sec  band¬ 
width  (right)  and  Motion 
Computing's  new  thin 
client  product,  with 
built-in  WLAN  adapter 
(below). 


Microsoft  offers  a  less-developed  rival  to  ICA  called 
Remote  Data  Protocol. 

Lexington  Medical  Center,  a  292-bed  complex  in  West 
Columbia, S.C.,  has  rolled  about  60  of  an  eventual  100- 
plus  thin  clients  that  link  over  a  Cisco  802.1  lg/b  WLAN 
to  a  suite  of  nursing,  clinical  and  physician  applications. 
These  run  on  a  group  of  15  Citrix  servers,  based  on  HP 
ProLiant  servers  with  Windows  2000  and  Service  Pack  4. 

The  initial  focus  for  the  thin  clients  is  to  let  nurses 
access  a  Web-based  server  application  via  Citrix  for 
administering  and  monitoring  medications  given  to 
patients,  usually  at  bedside. 

Sixty  Wyse  Winterm  945XL  thin  clients  are  mounted 
on  mobile  carts  from  Flo  Healthcare.  The  carts, 
designed  for  bedside  computing,  look  like  pillars 
mounted  on  a  stable  platform  of  rotating  wheels.They 
are  fitted  with  a  flat  shelf,  with  a  sealed  slotted  mount 
beneath  it  for  the  thin-client  box,  a  hidden  connection 
to  the  WLAN  antenna  mounted  on  the  rear  of  the  shelf, 
a  slide-out  full  keyboard,  and  a  17-inch  flat  panel  dis¬ 
play.  Lexington  Medical  chose  a  sealed  lead-acid  bat¬ 


tery  as  an  alternative  to  the  more  expensive  nickel 
metal  hydride  battery  option. 

The  hospital  staff  also  added  to  the  cart  a  pistol-like 
bar-code  scanner.  Nurses  scan  their  own  IDs,  the  patient 
IDs  and  the  medications  being  administered. The  appli¬ 
cation  software  checks  for  the  “five  rights,”  as  they’re 
known:  the  right  patient,  medication,  time  of  day  dose 
and  route  —  the  way  the  drug  is  given  to  the  patient. 

“The  nursing  staff  is  really  enjoying  the  system,” says 
Cindy  Malphrus,  the  project  manager  for  the  system.“It’s 
preventing  errors.  We  get  [application]  reports  to  see 
how  many  errors  have  been  prevented.  And  they  think 
they  can  actually  give  meds  faster  now,  although  that 
wasn’t  a  reason  for  doing  this.” 

By  a  stroke  of  good  luck,  the  thin  clients  were  being 
deployed  just  as  the  rest  of  the  IT  group  completed  the 
hospital-wide  WLAN  deployment.  One  goal  for  the  new 
WLAN  is  to  support  wireless  VoIRusing  Cisco  handsets. 
“You  need  to  have  good  WLAN  coverage  for  that,”  says 
Jeff  Jones,  Lexington’s  network  administrator.“By  design¬ 
ing  the  WLAN  for  optimal  phone  coverage,  it  gave  us 
good  coverage  also  for  our  thin  clients.” 

The  rollout  went  off  without  a  hitch.Training  sessions 
showed  nurses  how  to  maneuver  and  adjust  the  carts, 
and  cautioned  them  that  the  stubby  black  rod  was  not  a 
handle  but  the  WLAN  antenna. 


3G  is  key 

One  big  change  in  2004  was  the  spread  of  3G  cellular 
networks  that  can  support  data  services  in  the  300K  to 
500K  bit/sec  range.  Finally  catching  up  were  XPE  soft¬ 
ware  drivers  that  would  support  cellular  cards  for  net¬ 
works  such  as  Evolution-Data  Optimized  (EV-DO). 

Zumasys  is  a  Lake  Forest,  Calif.,  Citrix  value-added 
reseller  with  more  than  70  customers  using  thin  clients 
on  3G  cellular  data  networks,  says  Company  President 
Paul  Giobbi.  He’s  seeing  adoption  of  diskless,  laptop-like 
thin  clients  such  as  Maxspeed’s  MaxBook  married  to  EV- 
DO  offerings  from  carriers  such  as  Verizon.“All  you  need 
is  wireless  access  to  the  Internet,”  he  says. 

“Think  about  that:  a  whole  series  of  thin-client  devices 
accessing  not  just  [personal  information  manager]  and 
e-mails  like  today’s  BlackBerry  but  all  of  your  corporate 
applications,”  Giobbi  says. 

One  client  is  Continental  Lab  Products,  a  San  Diego 
supplier  of  laboratory  products  to  life  science  organiza- 
tions.The  company  last  year  extended  its  Citrix  thin- 
client  deployment  by  using  Panasonic  Toughbook  lap¬ 
tops  and  a  choice  of  Sierra  Wireless  cellular  interface 
cards  so  sales  representatives  can  access  intranet,  CRM 
and  ERP  applications  over  Verizon’s  EV-DO  network, 
BroadbandAccess.  Sales  representatives  can  access 
orders,  inventory  and  other  data  on  the  road  or  at  a  cus¬ 
tomer’s  site.  The  deployment  won  best  in  class  recogni¬ 
tion  in  Qualcomm’s  2004  3G  cdmA-List  awards.  ■ 


Wireless 
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Using  RFID  to  boost  business’  bottom  line 


■  BY  ANN  BEDNARZ 

Plans  to  deploy  radio  frequency  identifi¬ 
cation  technology  in  supply-chain  settings 
have  kept  retailers  and  manufacturers  busy 
over  the  last  couple  of  years,  spurred  by 
adoption  mandates  from  Wal-Mart,  Target, 
the  US.  Department  of  Defense  and  others. 

Early  IT  pilots  focused  on  the  physics  of 
RFID  —  finding  ways  to  improve  reader 
performance,  figuring  out  how  to  apply 
tags  and  other  device-focused  issues.These 
days,  IT  executives  are  turning  their  atten¬ 
tion  to  higher-level  RFID  challenges,  such 
as  how  to  make  business  sense  of  the  data 
being  collected. 

To  glean  usable  business  intelligence 
from  RFID  data  requires  middleware, 
experts  say  RFID  middleware  sits  between 
the  readers  that  collect  tag  data  and  the 
business  applications  that  eventually  will 
digest  the  data.The  software  manages  RFID 
devices  and  turns  the  data  they  generate 
into  information  that  business  applications 
can  consume. 

Early  adopters  first  worked  on  RFID  de¬ 
vices,  and  now  they’re  ready  to  think  about 
software,  says  Sharyn  Leaver,  a  vice  presi¬ 
dent  and  research  director  at  Forrester  Re¬ 
search.  It’s  a  natural  progression,  she  says. 
“Without  the  tags  and  readers  working  cor¬ 
rectly  there  was  no  need  to  think  about 
middleware  or  applications.  As  the  technol¬ 
ogy  matures,  we’ll  see  the  interest  shift  from 
hardware  up  to  software,”  she  says. 


Stuck  in  the  middle 

A  multi-tiered  approach  to  RFID  middleware  that  distributes  content  filtering,  routing  and  management 
functions  is  effective  for  most  customers,  according  to  Forrester  Research. 

RFID  middleware  infrastructure 


RFID  tags 


RFID  middleware  deployed  next  to 
enterprise  systems  handles  higher-level 
tasks  such  as  context-based  routing, 
application  integration  and  process 
management. 


RFID 

reader 


RFID  middleware  deployed 
closest  to  readers  handles 
lower-level  tasks  such  as 
reader  connectivity,  device 
management,  and  basic  data 
filtering  and  aggregation. 


Warehouse  management  ERP  and 
other  business  applications 


External  sources,  such  as  trading  partner 
systems  and  EPC  Network  systems 
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As  RFID  users  turn  their  attention  to  soft¬ 
ware  challenges,  a  slew  of  vendors  are 
standing  by  with  products.  There  are  pure- 
play  RFID  vendors,  such  as  ConnecTerra 
and  OATSystems,  and  retail  industry  spe¬ 
cialists  such  as  Manhattan  Associates.  Big 
infrastructure  software  companies  IBM, 
Microsoft,  Oracle  and  Sun  also  offer  RFID 
middleware,  as  do  integration  specialists 
such  as  webMethods  and  Tibco  Software. 

Most  recently,  Sybase  subsidiary  iAny- 
where  Solutions  got  into  the  race.  Last 


week,  it  announced  RFID  Anywhere,  a  soft¬ 
ware  platform  that  includes  connectors 
and  controllers  for  communicating  with 
RFID  hardware,  and  simulation  software  for 
assessing  the  potential  impact  of  RFID  data 
loads  and  content  on  networks  and  appli¬ 
cations. 

ProPath  is  one  of  the  first  users  of  RFID 


Anywhere.  The  Dallas  pathology  services 
company  uses  RFID  technology  to  track 
biopsies  and  other  pathology  specimens 
as  they  advance  through  the  laboratory’s 
complex  processes.  An  RFID  tag  placed  on 
every  specimen  that  comes  into  the  lab 
will  store  information  about  the  specimen, 

See  RFID,  page  22 


Vendor  fine-tunes  policy 
to  control  admin  rights 


■  Lucid8  last  week  released  Version  3.1 
of  its  GOexchange  management  plat¬ 
form,  which  includes  new  scanning  cap¬ 
abilities,  configuration  features,  schedul¬ 
ing  controls  and  an  improved  interface. 
GOexchange  is  a  management  tool  that 
proactively  removes  errors  and  incon¬ 
sistencies  from  Microsoft  Exchange 
databases  so  mail  servers  operate  cor¬ 
rectly  and  avoid  unplanned  downtime. 
The  software  supports  Exchange  5.5, 
2000  and  2003.  Server-based  pricing  for 
GOexchange  3.1  starts  at  $750. 

■  Network  and  application  perfor¬ 
mance  management  vendor  NetScout 


last  week  announced  plans  to  acquire 
anomaly  detection  vendor  Quantiva 
for  about  $9  million.  NetScout,  best 
known  for  its  nGenius  WAN  probes  and 
performance  management  software, 
will  incorporate  Ouantiva's  real-time 
performance  metrics  and  anomaly 
detection  software  into  its  products  in 
the  next  year  or  so,  the  company  says. 
With  just  six  staffers  at  Quantiva  — 
five  of  whom  are  engineers  —  Net¬ 
Scout  says  it  will  absorb  the  team  to 
integrate  the  products.  NetScout  ex¬ 
pects  to  release  new  integrated  prod¬ 
ucts  in  the  second  half  of  2006.  The 
acquisition,  NetScout's  first  in  about 
five  years,  is  subject  to  customary  clos¬ 
ing  conditions  and  is  expected  to  close 
early  in  NetScout's  first  quarter  of  fis¬ 
cal  2006. 


■  BY  JOHN  FONTANA 

DesktopStandard  last  week  released  soft¬ 
ware  that  helps  corporations  secure  end- 
user  desktops  by  controlling  the  privileges 
they  have  on  their  own  PCs  on  an  applica- 
tion-by-application  basis. 

The  company  formerly  known  as  Auto- 
Prof,  introduced  FolicyMaker  Application 
Security  (PMAS), which  is  tightly  integrated 
with  Microsoft’s  Active  Directory  to  central¬ 
ly  control  administrative  rights  per  applica¬ 
tion  on  Windows  desktops. 

End  users  with  administrative  rights  to 
their  desktops  pose  a  number  of  security 
risks,  such  as  the  ability  to  load  new  soft¬ 
ware,  change  settings  or  override  adminis¬ 
trative  policies.  Also,  any  malicious  code 
that  could  infect  the  end-user  desktop  via 
programs  such  as  Internet  Explorer  can 
elevate  its  activity  up  to  local  administrator, 


which  would  let  the  nefarious  code  do 
anything  on  the  machine. 

In  Windows,  administrative  rights  are 
either  on  or  off  system-wide,  but  PMAS  fine- 
tunes  that  setting  by  using  centrally  man¬ 
aged  controls  via  Active  Directory’s  Group 
Pblicy  feature. 

Group  Pblicy,  which  is  supported  on 
Windows  2000,  XP  and  Server  2003,  works 
in  conjunction  with  Active  Directory  It  lets 
administrators  manage  and  customize 
desktop  and  server  settings  based  on  a  set 
of  policies  stored  in  the  directory. 

PMAS  adds  an  extension  to  Group  Policy 
that  lets  administrators  assign  administra¬ 
tive  rights  just  for  desktop  applications  that 
need  them  to  run. 

“From  a  security  perspective,  we  do  not 
have  to  give  an  end  user  higher  privileges 
than  what  they  need,”  says  Nick  Duda, 

See  PMAS,  page  22 
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The  school  board  in  Sutter,  Calif.,  and 
the  superintendents  of  the  Brittan 
Elementary  School  seem  to  want  to 
prove  that  generations  of  students  were  cor¬ 
rect  when  they  felt  that  school  officials 
cared  more  about  confining  students  to 
classrooms  than  educating  them.  At  this 
point  the  school  board  is  well  on  its  way  to 
achieving  that  goal. 

Like  petty  little  dictators,  school  officials 
imposed  a  new  ID  system  on  elementary 
school  students.  Students  were  issued  ID 
tags  they  must  wear  around  their  necks  — 
just  like  in  some  prisons  —  and  school  offi¬ 
cials  have  threatened  disciplinary  pro¬ 
ceedings  against  any  student  who  fails  to 


The  kids  were  right,  school  is  a  prison 


do  so. The  tags  include  the  student’s  name, 
picture,  school,  class  year  and  school  ID 
number.The  tags  also  include  an  RFID  chip 
that  responds  to  a  scanner  with  a  student- 
specific  serial  number.  As  part  of  an  initial 
test,  the  school  was  equipped  with  RFID 
scanners  above  the  doors  to  some  class¬ 
rooms  and  bathrooms.  The  system  was  in¬ 
stalled  without  any  advance  notice  or  dis¬ 
cussion  with  students  or  parents. 

School  officials  said  the  system  would 
provide  better  information  about  atten¬ 
dance,  which  the  school  needs  to  report  to 
the  state,  would  let  folks  know  if  a  student 
failed  to  show  up  for  class  and  would  help 
discover  intruders  (because  they  would 
not  have  ID  tags).  According  to  news 
reports,  the  school  has  not  had  a  problem 
with  truancy,  so  school  officials  seem  to  be 
fixing  a  problem  they  do  not  have. 

Note  that  unless  all  people  in  the  build¬ 
ing,  which  includes  teachers  and  officials, 
wear  ID  tags,  it’s  not  clear  how  such  tags 


will  help  pinpoint  intruders.  But  what  the 
ID  tags  do  is  pinpoint  students  while  in 
school  and  while  walking  to  and  from 
school.  Sounds  like  an  ideal  enabler  for 
someone  wanting  to  snatch  a  kid — just  set 
up  an  RFID  scanner  beside  the  path  in  the 
woods,  and  you  will  be  told  when  the  tar¬ 
get  kid  walks  by  with  his  ID  tag  in  his  bag. 

It  is  real  bad  that  school  officials  decided 
to  install  such  a  system  without  prior  dis¬ 
cussion  with  parents.  But  what  is  worse  has 
been  the  reaction  of  these  school  officials 
and  their  lawyer  since  the  word  got  out. 
Instead  of  instantly  stopping  the  test  when 
parents  began  to  complain,  which  is  what 
anyone  with  any  hint  of  common  sense 
would  have  done,  they  threatened  students 
who  do  not  want  to  wear  the  tags. 

An  example  of  the  stupidity  being  dem¬ 
onstrated  was  the  school’s  lawyer  offering 
to  let  some  students  whose  parents  com¬ 
plained  wear  blank  tags,  while  insisting  that 
the  students  would  be  disciplined  if  they 


failed  to  wear  the  useless  tags.  Even  after 
the  company  making  the  system  pulled  out 
of  the  trial  one  school  official  said  he  was 
disappointed  that  the  trial  would  not  go  on. 

The  school  could  get  the  information  that 
it  actually  needed  to  report  to  the  state  by 
having  students  swipe  a  magstripe  card 
when  they  entered  or  left  the  school  build¬ 
ing  with  far  less  threat  to  student  safety  and 
privacy  But  that  would  be  too  sensible. 

By  the  way  don’t  laugh  at  the  plight  of 
these  students  —  your  pointy-haired  boss 
might  suddenly  decide  that  finding  out 
when  you  go  to  the  bathroom  is  critical  to 
the  health  of  your  company 

Disclaimer:  Considering  the  endowment, 
the  heath  of  Harvard  does  not  seem  to  be 
at  risk  and  the  above  puzzlement  is  mine, 
not  from  the  university 

Bradner  is  a  consultant  with  Harvard 
University’s  University  Information  Systems. 
He  can  be  reached  at  sob@sobco.com. 


PMAS 

continued  from  page  21 

senior  systems  administrator  atVistaPrint  in 
Lexington,  Mass.  “It  secures  our  desktops 
and  gives  administrators  more  control  over 
managing  the  network  and  our  systems.” 

VistaPrint,  which  has  a  call  center  in  Mon¬ 
tego  Bay  Jamaica  that  serves  its  4  million 
customers,  gave  200  end  users  ultimate 
control  of  their  desktops  just  so  they  could 
run  a  few  custom  applications  that  require 
administrative  rights. 

“Now  we  can  attach  and  modify  securi¬ 
ty  privileges  on  individual  applications, 
which  is  what  we  need  in  our  environ- 
ment.  It  allows  us  to  take  away  admin 


rights  and  apply  them  specifically  to  a  pro¬ 
gram,”  Duda  says. 

PMAS  centers  on  one  extension  it  adds  to 
the  group  policy  feature  in  Active  Directory 
Administrators  install  the  software  on  any 
administrative  workstation,  and  the  exten¬ 
sion  is  added  to  Active  Directory’s  Group 
Fblicy  store  and  replicated  throughout  a 
corporation’s  directory  infrastructure. 
Using  Active  Directory’s  Group  Policy  edi¬ 
tor,  users  then  configure  settings  that  apply 
to  certain  applications. 

The  settings  are  implemented  in  the 
background  on  the  desktop  when  a  user 
logs  on. 

PMAS  costs  $21  per  seat,  per  1,000 
users.  ■ 


Desktop  security 


DesktopStandard’s  PolicyMaker  Application  Security  lets 
administrators  assign  local  administrative  rights  per  application 
instead  of  per  user  by  using  the  group  policy  features  of 
Microsoft’s  Active  Directory.  ^ - - 

PolicyMaker  Application  Security 
adds  two  new  folders  to  Microsoft’s 
Group  Policy  Object  Editor  console 
that  extends  group  policy  for 
managing  administrative  rights  on 
desktops. 
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A  detailed  dialog  box  lets  users 
configure  settings  for  each 
application  they  wish  to  either  add 
or  subtract  local  administrative 
privileges. 
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RFID 

continued  from  page  21 

and  who  performed  each  task  and  when. 

RFID  Anywhere  helps  track  specimens 
more  closely  than  the  lab’s  current  system, 
says  Mel  Lively,  director  of  IT  at  ProPath. 
ProPath’s  current  anatomic  information 
system  documents  four  stages  of  a  speci¬ 
men’s  analysis,  while  RFID  Anywhere  will 
let  the  lab  document  nine  stages. 

How  it  works 

At  its  most  basic,  RFID  middleware  han¬ 
dles  hardware  integration.  With  connectivi¬ 
ty  standards  still  in  flux,  there’s  no  set  way 
to  build  an  interface  to  an  RFID  reader,  and 
some  companies  will  want  to  deploy  dif¬ 
ferent  readers  from  different  manufactur¬ 
ers.  “For  now,  the  reader  manufacturers 
don’t  all  conform  to  a  single  standard,  so 
middleware  is  an  important  buffer  layer;” 
IDC’s  Leaver  says. 

Middleware  also  can  provide  tools  for 
managing  RFID  devices.  IAnywhere’s  soft¬ 
ware,  for  example,  can  communicate  with 
devices  through  Ethernet  or  serial  connec¬ 
tions  and  push  firmware  upgrades  as 
required,  says  Chris  Foley,  director  of  RFID 
at  iAnywhere.  It  provides  a  Web-based  con¬ 
sole  to  remotely  monitor  the  status  of  RFID 
devices.  Alternatively  iAnywhere  can  feed 
device  information  to  a  third-party  systems 
management  platform,  Foley  says. 

Filtering  data  is  a  key  role  of  middleware. 
It  processes  the  streams  of  data  coming  in 
—  not  just  from  RFID  readers,  but  poten¬ 
tially  from  bar-code  scanners  or  other  wire¬ 
less  sensors,  such  as  temperature  sensors. 

Companies  have  worried  that  RFID  read¬ 
ers  that  constantly  poll  tags  will  take  a  toll 
on  network  performance  and  flood  appli¬ 
cations  with  unnecessary  data.  Industry 
experts  say  those  fears  are  overblown. 

“There’s  no  question  the  amount  of  data 
pumping  through  the  network  is  going  to 
increase,  but  the  initial  horror  stories  about 


it  bringing  down  every  network  because 
there’s  so  much  data  are  overstated,”  Leaver 
says.“Feople  are  forgetting  about  the  role  of 
middleware.” 

Namely  middleware  will  inspect  the  data 
and  apply  business  rules  to  get  rid  of  extra¬ 
neous  data  reads,  and  pass  along  to  enter¬ 
prise  systems  only  the  important  informa¬ 
tion  or  the  exceptions  that  could  require 
someone  to  take  action. 

RFID  middleware  also  assumes  the  role 
of  electronic  product  code  (EPC)  commis¬ 
sioning.  An  EPC  number  is  a  serialized 
product  code  that  uniquely  identifies  the 
product  being  tagged.  Users  can  tap  mid¬ 
dleware  to  connect  computers  that  look 
up  EPC  numbers  to  a  central  directory  gov¬ 
erned  by  the  nonprofit  EPCglobal  and 
managed  today  by  VeriSign  —  much  like 
the  DNS  directory  VeriSign  manages. 

Choosing  a  vendor 

When  choosing  a  vendor,  don’t  think 
about  RFID  middleware  as  a  product  selec¬ 
tion  problem,  think  about  it  as  an  architec¬ 
tural  design  issue,  Leaver  says. 

Companies  should  plan  to  deploy  an 
RFID  architecture  with  multiple  software 
tiers  to  handle  different  filtering  and  rout¬ 
ing  requirements. 

“It  makes  sense  to  do  some  filtering  out 
close  to  the  reader,  so  you’re  not  sending  a 
bunch  of  data  across  the  network  for  no 
reason,”  Leaver  says.  That  being  said,  you 
don’t  want  to  have  all  the  business  context 
and  business  logic  of  a  corporation  out  at 
those  endpoints.  Once  the  simplistic  filter¬ 
ing  is  done  at  the  edges,  more  complex  data 
packaging  and  routing  can  occur  closer  to 
the  enterprise  networks,  where  the  middle¬ 
ware  can  access  business  logic,  she  says. 

The  platforms  that  companies  choose 
need  to  be  reliable,  scalable  and  intelligent 
enough  to  understand  business  processes 
and  how  to  interact  with  business  applica¬ 
tions.  “Getting  that  combination  is  a  little 
difficult,"  Leaver  says.  ■ 


- - 


Juniper 


00t  Net 


fior  /?,  5  C°r\p^nuS  jrowfh  "to  Jpcrfloofl!  B»b 
fir&aj  he'd  h«ve  i~ °  initiate  <*  net  nitric 
ch^nje.,,  c\  fr <cfdu  Subject  ft*r  Sti re.. 


NETWORK  EXCELLENCE 


L _ 

QUESTION:  IS  SWITCHING  FROM  THE  STATUS  QUO 
A  STICKY  SUBJECT  INSIDE  YOUR  ENTERPRISE? 
READ  ON,  THEN  LEAD  AN  ENTERPRISE-WIDE 
CHANGE  FOR  THE  BETTER. 


Simply  Juniper  your  net  and  change  complex  legacy  configurations  into 
clean-slate  convenience.  Our  comprehensive  solutions  deliver  unprecedented 
heights  of  speed,  unbelievable  depth  of  processing,  unsurpassed  security. 


►  LEADING  THE  WAY  WITH  SECURE,  ASSURED  NETWORKING,  ONLY  JUNIPER. 

Security,  with  assured  performance.  Juniper’s  promise,  and  a  unique,  industry-altering 
brand  of  networking.  Secure  &  Assured  Networking  is  application-driven:  End-to-end 
network  control,  with  guaranteed  application  delivery  and  performance  -  network  wide. 
It’s  ceaseless  security  assessment:  Deep  inspection  firewalls,  Intrusion  Detection 
and  Prevention,  as  well  as  application-aware  remote  access  SSL  VPNs.  It’s  certain 
performance:  Predictability  through  high-availability  and  platform  stability- all  via 
scalable  platforms.  Just  because  users  have  access  doesn’t  mean  they  should 
have  the  run  of  your  resources  -  that’s  Secure  &  Assured  Networking. 

Juniper  means  security  and  assurance  legacy  players  can’t  emulate,  only  envy. 
Because  it’s  impossible  to  bolt  onto  their  antiquated  hardware  what’s  built  into  our 
innovative  software.  Juniper  architecture  creates  incredibly  scalable  solutions,  helping 
eliminate  downtime,  upgrades  and  workarounds  while  improving  speed,  reliability 
and  performance.  That’s  how  a  Juniper  network  thrives  in  the  most  demanding 
conditions,  allowing  customers  to  build  and  run  networks  in  the  harshest,  most 
competitive  environments  -  so  forge  ahead  and  fear  not. 
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A  LEADER  FOR  BRAND  LEADERS,  IT’S  JUNIPER. 

Juniper’s  carrier-class  performance,  intelligence  and  security  -  once  available  only 
to  SPs  -  is  here  for  your  enterprise.  That’s  why  we’re  the  recognized  leader,  and 
the  preferred  brand  of  mission-critical,  industry-defining  entities.  Trusted  by 
the  largest  firms  on  Wall  Street,  the  leading  enterprises  demanding 
perfect  performance,  the  most  vigilant  government  agencies  on 
worldwide  watch  to,  count  'em,  25  of  the  top  25  service  providers. 


LEAD  THE  WAY,  WITH  JUNIPER. 

Need  more  help  convincing  your  enterprise  to  leave 
the  status  quo?  Get  insightful  case  studies  and  white 
papers,  clear  competitive  advantages  and  the 
networking  news  you  need.  And  get  it  here: 

http://www.juniper.net/solutions/literature/ 
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E  INTERNET  ■  INTEREXCHANGES  AND  LOCAL  CARRIERS 
REGULATORY  AFFAIRS  ■  CARRIER  INFRASTRUCTURE 


Sprint’s  focus  is  on 


■  BY  DENISE  PAPPALARDO 

So  far, Sprint  has  no  plans  to  team  up  with 
a  local  exchange  carrier  like  its  key  com¬ 
petitors  AT&T  and  MCI,  but  it’s  not  going  it 
alone,  either. 

The  carrier  says  it  is  moving  forward  with 
its  merger  plans  with  Nextel  Communica¬ 
tions  while  focusing  on  its  wireless  data 
network  deployment  and  expanding  its 
business  services  in  2005.  In  December, 
Sprint  and  Nextel  announced  plans  to 
merge  in  a  deal  valued  at  $35  billion. 

This  will  make  Sprint  the  third-largest 
wireless  service  provider  in  the  U.S.  when 
the  merger  closes,  but  the  combined  com¬ 
pany  will  be  dwarfed  by  AT&T/SBC  and 
MCI/Verizon. 

Although  Sprint’s  heritage  is  in  landline 
services,  Sprint  is  betting  its  future  on  wire¬ 
less.  That’s  where  it’s  spending  most  of  its 
money  and  putting  most  of  its  efforts  this 
year.  The  carrier  says  it  could  spend  nearly 
$3  billion  on  wireless  in  2005. 

With  that  said,  analysts  speculate  that 


there  could  be  a  deal  between  Sprint  and 
BellSouth.  Such  a  deal  would  combine 
BellSouth  southeastern  LEC  business  with 
the  third-largest  interexchange  carrier.  But 
the  deal  would  be  messy  considering 
BellSouth  is  a  40%  owner  of  Cingular 
Wireless.  SBC  is  60%  owner  of  the  wireless 
service  provider.  Speculation  aside,  Sprint 
is,  at  least  publicly  staying  focused  on  its 
plans  for  this  year,  which  include  beefing 
up  revenue. 

“With  [Sprint’s]  national  wireless  network 
and  global  IP  assets,  innovative  products 
and  services,  strategic  partners  and  a  trans¬ 
formed  business  model. ...  I  am  confident 
that  Sprint  possesses  the  assets,  organiza¬ 
tion,  people  and  momentum  to  be  the 
telecommunications  provider  of  choice,” 
says  Gary  Forsee,  chairman  of  Sprint. 

Sprint  expects  revenue  for  2005  to  grow 
in  the  low  single  digits.  Based  on  the  carr¬ 
ier’s  guidance,  it  likely  will  report  no  more 
than  $28.8  billion  in  revenue, or  5%  growth. 

Sprint  recorded  $27.4  billion  in  rev¬ 
enue,  for  2004,  which  was  about  5%  better 


Universal  Service  fun  and  games 


EYE  ON  THE 
CARRIERS 

Johna  Till 
Johnson 


You  might  have  missed  the  recent  ker¬ 
fuffle  over  AT&T’s  calling  cards  and 
the  Universal  Service  Fund. 

Briefly:  AT&T  sells  calling  cards  that 
include  pre-recorded  commercial  mes¬ 
sages.  AT&T  argues  that  phone  calls  from 
these  cards  comprise  “information  ser¬ 
vices” —  which  are  exempt  from  USF  fees. 
That  makes  the  calls  less  expensive  for  con¬ 
sumers  and  also  reduces  the  amount  AT&T 
owes  to  the  USF  by  as  much  as  $160  mil¬ 
lion.  (The  USF  you’ll  recall,  is  the  pool  of 
cash  used  to  subsidize  telephone  and 
Internet  access  to  schools  and  libraries.) 

It  gets  better.  When  the  FCC  objected, 
AT&T  responded  by  adding  an  um,  infor¬ 
mational  message  urging  users  to  call  the 
FCC  and  lobby  Congress.  Consumers  ob¬ 
liged,  flooding  the  commission  and 
Congress  with  demands  to  “keep  phone 


costs  low”  Because  many  of  these  cards 
were  used  by  members  of  the  armed  forces 
and  their  families,  the  complaints  got  atten¬ 
tion.  Most  recently  Sen.  Ted  Stevens  (R- 
Aiaska)  publicly  admonished  AT&T,  saying 
the  carrier  had  engaged  in  a  “disinforma¬ 
tion  campaign”  and  vowing  to  force  it  to 
pay  back  the  money 

So  what’s  up?  Is  AT&T  relying  on  casuistry 
and  wordplay  to  keep  money  from 
America’s  poor  schoolchildren? 

Totally  (You  expected  any  less  from  a 
telco?)  But  that  misses  the  scheme’s  sheer 
genius.  AT&T  is  engaging  in  a  classic  politi¬ 
cal  maneuver  called  “share  the  pain.” 

See,  the  real  issue  is  that  the  USF  is  one  of 
the  worst-designed  systems  in  history  It’s 
essentially  an  invisible  tax  administered  by 
a  jaw-droppingly  incompetent  quasi-gov- 
ernmental  agency  called  the  Universal 
Service  Administrative  Co  (USAC).  As  I’ve 
written,  last  summer  the  FCC  hauled  the 
USAC  up  short  for  shoddy  accounting  prac¬ 
tices  —  resulting  in  a  nationwide  funding 
crisis  for  the  very  schools  and  libraries  it 
was  supposed  to  be  helping. 

Moreover,  USFs  taxes  are  based  not  on 
which  services  you  provide,  but  who  you 
are.  Interestingly  VoIP  upstart  Vonage  is  not 
asked  to  contribute  —  even  though  Vonage 
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than  2003’s  $26.2  billion. 

The  carrier  also  plans  to  keep  its  capital 
expenditures  at  about  $4  billion  to  $4.2  bil¬ 
lion  in  2005,  about  the  same  as  last  year. 

A  good  portion  of  Sprint’s  capital  expen¬ 
ditures  is  being  put  toward  its  wireless  data 
network  buildout.  Sprint  says  it  will  spend 
$2.7  billion  to  $2.9  billion  on  its  wireless 
network,  about  $900  million  on  local  net¬ 
works  and  services,  and  $300  million  on  its 
long-distance  network,  which  includes  IP 
While  the  difference  in  spending  be 


offers  long-distance  calls,  the  same  as  AT&T. 
That’s  because  VoIP  is  considered  an  “infor¬ 
mation  service.” Bottom  line:The  FCC  wants 
“telcos”  (AT&T,  MCI,  Sprint)  to  pay  to  the 
USF  while  “information  service  providers” 
like  Vonage  remain  exempt. 

My  best  guess:  This  is  a  little  trap  laid  by 
AT&T  to  get  this  issue  in  front  of  the  courts. 
It’s  a  bit  too  late  now  (with  the  SBC  merger 
and  all), but  I  think  the  way  AT&T  wanted  to 
play  this  out  was  to  have  the  courts  pursue 
the  question  of  what,  precisely  an  informa¬ 
tion  service  is  and  move  from  that  into  a 
discussion  of  who  ought  and  ought  not  to 
pay  into  the  USF  funds. 

Both  are  highly  relevant  because  the  USF 
funds  are  being  paid  by  the  putatively  “rich 
telcos,”  which  are,  you  might  have  noticed, 
all  in  the  process  of  getting  acquired  and/or 
going  bankrupt. 

And  you’ve  probably  already  guessed  the 
punchline:  When  all  the  telcos  have  gone 
away  who  is  the  USAC  going  to  go  after 
next?  Hope  Vonage  is  layering  up  the 
lawyers. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


tween  its  wireless  and  landline  IP  network 
is  vast,  David  Willis,  an  analyst  at  Meta 
Group,  says  it’s  not  surprising.“It’s  cheap  to 
build  out  IP  networks  today  There  are  nice 
price  wars  going  on  between  Juniper  and 
Cisco, which  allows  carriers  to  build  out  for 
relatively  low  cost.” 

And  Willis  says  Sprint  is  “wise”  to  spend 
on  its  wireless  networks.“Wireless  is  where 
Sprint  will  see  most  of  its  future  revenue 
growth,”  he  says. 

Sprint’s  wireless  spending  will  include 
$750  million  on  Evolution  Data 
Optimized  (EV-DO)  “aggressive”  network 
deployment.  In  2004,  EV-DO  was  available 
in  three  Sprint  markets;  by  year-end  Sprint 
expects  to  support  EV-DO  on  more  than 
60%  of  its  network,  reaching  about  80%  of 
its  customers. 

EV-DO  is  a  wireless  data  technology  that 
supports  transmission  speeds  of  about 
300K  to  500K  bit/sec.  The  technology 
maxes  out  at  about  2.4M  bit/sec. 

The  carrier  is  focusing  on  three  prime 
product  development  strategies:  wireless 
adoption  for  business  users;  erasing  the 
barrier  between  wireless  and  wireline  ser¬ 
vices;  and  providing  users  with  an  easy 
migration  to  IP 

Sprint  also  is  addressing  business  wire¬ 
less  adoption  by  offering  the  Managed  Mo¬ 
bility  Service,  scheduled  to  launch  later 
this  quarter.The  service  will  be  a  fully  man¬ 
aged,  end-to-end  offering  to  offload  admin¬ 
istration  of  a  large  wireless  deployment. 

Sprint  says  it  is  erasing  the  barrier  be 
tween  wireless  and  wireline  through  VoIP 
and  wireless  integration.  And  it  is  easing 
user  migration  to  IP  with  services  such  as 
its  Multi-protocol  Label  Switching  VPN. 

The  carrier  also  talked  up  its  merger  deal 
with  Nextel. Sprint’s  Forsee  says  he  expects 
the  deal  to  close  in  the  third  quarter  pend¬ 
ing  regulatory  approvals.  The  joined  wire¬ 
less  companies  will  have  41  million  cus 
tomers,  behind  Cingular  Wireless  and 
Verizon  Wireless,  respectively  ■ 
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Faster  and  Farther 
Than  Ever  Before! 

Wireless-G  with  SRX 


WRT54GX 

Wireless-G 
Broadband  Router 
with  SRX 


product 
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Watch  streaming  video  or  play  multi-player  games 
faster  than  ever  before.  And  do  it  comfortably  from 
places  that  were  previously  unreachable.  Introducing 
the  Wireless-G  with  SRX  series,  the  newest,  fastest, 
most  powerful  addition  to  the  Linksys  Wireless-G 
family. 

Enjoy  the  Wireless-G  with  SRX  experience: 

•  Up  to  8  times  faster  than  standard  Wireless-G 

•  Increased  wireless  range  up  to  3  times  farther 

•  Reduced  dead  spots  in  coverage  area 

•  Compatible  with  Wireless-G  and  B  networks 


WPC54GX 

Wireless-G 
Notebook  Adapter 
with  SRX 
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Connection 
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1-800-737-7201 


that  was  easy." 


Linksys  is  a  registered  trademark  or  trademark  of  Cisco  Systems,  Inc.  and/or  its  affiliates  In 
the  U.S.  and  certain  other  countries.  Copyright  ©  2005  Cisco  Systems,  Inc.  All  rights  reserved. 
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FOR  TYING  TELEWORKERS  TO  THE  ENTERPRISE 


IRS  gives  home-based  jobs  to  disabled 


■  BY  TONI  KISTNER 

For  once,  the  IRS  is  the  hero  of  a  story  If 
you  dial  1-800-TAXFORM  this  tax  season, 
your  call  won’t  go  to  a  centralized  IRS  call 
center.  Instead,  your  request  will  be  han¬ 
dled  by  a  disabled  agent  working  at  home. 

In  the  first  project  of  its  kind,  the  IRS  has 
partnered  with  the  National  Telecommut¬ 
ing  Institute  (NTI)  and  the  Colorado  virtual 
call  center  outsourcer  Alpine  Access  to 
employ  more  than  280  home  workers, 
more  than  200  of  whom  are  disabled. 

For  most,  this  is  the  first  job  they’ve  held 
in  years.  People  like  Peter  Catanese,45,who 
at  age  15  was  hit  by  a  car  and  has  since 
endured  more  than  60  operations.  And  like 
Edward  Grabowski,  56,  whose  severe  dia¬ 
betes  has  resulted  in  extended  hospital 
stays,  operations,  kidney  failure  and  six 
months  in  bed  at  a  stretch. 

Of  the  1.2  million  disabled  workers  in  the 
U.S.,  about  12%  could  handle  a  job  if  it 
meant  working  at  home,  says  M.J.  Willard, 
director  of  NTI  —  a  not-for-profit  organiza¬ 
tion  that  works  with  state,  vocational  and 
rehabilitation  agencies  to  train  and  employ 
disabled  people  for  home-based  jobs. 

Funded  by  an  annual  grant  of  $238,000 
from  the  Department  of  Education’s 
Partnership  with  Industry  Program,  NTI  has 
put  people  to  work  by  indexing  and  tran¬ 
scribing  medical  records;  performing 
phone-based  work  verifying  insurance 


information  for  hospital  admission  and 
billing;  and  placing  appointment  reminder 
calls.  However,  the  call  center  industry,  with 
its  high  turnover  and  poor  performance, 
always  has  showed  the  most  promise. 

“Since  1992,  we’ve  been  following  the  pre¬ 
dictions  that  the  call  center  world  would  go 
virtual.  It  was  always  ‘in  the  next  five  years,’ 
over  and  over”Willard  says.“Now  I  think  it’s 
finally  going  to  take  off.”  Today  NTI  focuses 
90%  on  call  centers,  8%  on  medical  tran¬ 
scription  and  2%  on  other  areas. 

NTI  and  Alpine  Access  jointly  handled 
the  hiring  process,  which  was  done  entire¬ 
ly  online.  NTI  screened  the  initial  2,000  can¬ 
didates,  then  Alpine  screened  them  for 
voice  quality  and  technical  competency 
The  new  hires  then  were  trained  on  a  hy¬ 
brid  system  using  NTI’s  high-end  conferen¬ 
cing  system  and  Alpine  Access’  trainers 
and  Web-based  materials.  When  they  log 
on,  Grabowski  and  Catanese  function  ex¬ 
actly  as  do  other  Alpine  Access  agents. 

Both  workers  walk  with  canes  and  strug¬ 
gle  to  lead  productive  lives.  In  the  past, 
Catanese  was  a  sportscaster  then  an  entre¬ 
preneur;  Grabowski,  a  restaurant  manager 
then  security  guard  at  an  Atlantic  City  casi¬ 
no  —  until  their  conditions  made  work 
outside  the  house  impossible.  They  are 
exceedingly  grateful  to  be  working  again. 

“This  is  a  super  program,”  Grabowski  says. 
“It’s  customer  service,  which  I  always 
enjoyed.  And  a  refreshing  change  of  pace. 


Takes 

■  Mirra  has  announced  a  free  data 
guarantee  for  its  Mirra  Personal  Server 
users.  The  MirraGuard  Data  Pro¬ 
tection  Guarantee  provides  against 
data  loss  from  a  hard  disk  crash  on  the 
user’s  PCs.  If  a  hard  disk  crashes,  Mir¬ 
ra’s  recovery  tools  let  users  migrate  the 
data  from  the  Mirra  Personal  Server 
onto  a  new  hard  disk.  If  they  need  help, 
Mirra  provides  free  tech  support.  If  that 
fails,  the  company  will  pay  to  have  the 
device  shipped  to  Mirra,  where  it  will 
extract  the  data,  burn  it  onto  a  CD  or 
DVD  and  ship  it  back.  If  this  process 
fails,  Mirra  will  pay  up  to  $1,000  for  a 
recovery  service.  MirraGuard  is  a  three- 


year  guarantee  available  to  users  of 
Mirra’s  Version  2.0  product.  Personal 
Server  comes  in  80-,  120-  and  250G-byte 
versions  priced  from  from  $349  to  $749. 

■  AT&T  has  announced  a  VoIP  service 
for  small  offices.  The  CallVantage 
Small  Office  Plus  plan  provides  two 
telephone  lines,  unlimited  local  and  long¬ 
distance  calling  in  the  U.S.  and  Canada, 
and  the  ability  to  send  and  receive  faxes. 
Users  can  choose  an  area  code  any¬ 
where  in  the  U.S.  and  subscribe  to  up  to 
nine  distinct  telephone  numbers  that  can 
be  managed  independently.  If  the  lines 
are  busy,  a  “locate  me"  feature  will  ring 
up  to  five  additional  lines,  home  lines, 
cell  phones,  voice  mail,  either  simultane¬ 
ously  or  sequentially.  The  service  costs 
$49.99  per  month;  each  additional  num¬ 
ber  costs  $7.49  per  month. 


Virtual  vaults 


New  research  from  Booz  Allen  Hamilton 
finds  nearly  20%  of  U.S.  companies  use  home- 
based  call  center  agents,  although  only  in  a 
limited  way.  It  also  found: 


•  More  than  80%  of  current 
adopters  are  satisfied  with  the 
home-based  model. 

•  22%  of  non-adopters  plan  to  use 
home-based  agents  within  two 
years. 


27%  of  non-adopters  would 
consider  outsourcing  to 
providers  with  home-based 
agents. 


Otherwise  —  what  would  1  be  doing?” 

“Every  day  of  the  last  30  years  I’ve  been 
trying  to  live  my  life  like  I  don’t  have  a  dis¬ 
ability’ says  Catanese,  who  works  about  16 
hours  a  week,  in  short  shifts.“If  it  was  rain¬ 
ing  out,  I  couldn’t  go  to  work.  And  if  I  had 
to  sit  at  a  desk  for  40  hours  a  week,  I  could¬ 
n’t  do  it.Working  all  those  years  put  a  heavy 
toll  on  my  body  Eventually,  I  just  couldn’t 
stand  up.” 

As  in  any  good  partnership,  all  parties 
benefit. The  IRS,  which  declined  comment 
for  this  story,  gets  a  flexible  pool  of  nation¬ 
wide  workers  who  can  handle  peaks  in 
call  volume  much  easier  than  those  work¬ 
ing  in  a  bricks-and-mortar  call  center.  NTI 
and  Alpine  Access  each  win  their  first  big 
government  contract,  with  more  presum¬ 
ably  to  follow.  The  federal  government’s 
Javits- Wagner  O’ Day  (JWOD)  program 
mandates  that  government  work  that  can 
be  redesigned  so  it  can  be  performed  by 
people  with  disabilities  must  be.  JWOD 
made  it  easier  for  NTI  to  win  the  five-year 
IRS  contract  by  letting  it  bypass  many  of 
the  barriers  to  doing  business  with  the  gov¬ 
ernment. 

This,  in  turn,  made  NTI  more  attractive  to 
Alpine  Access,  as  a  way  to  get  its  foot  in  the 
government’s  door.  Until  this  year,  it  has 
served  mostly  small  companies.  But  now,  in 
addition  the  IRS,  Alpine  has  announced 
Office  Depot  and  a  large  financial  services 
firm  as  new  clients.  Alpine  also  gets  a  tax 
credit  of  $2,444  for  each  disabled  worker  it 
employs. 

In  a  complex  arrangement,  the  disabled 
workers  technically  are  employed  by  NTI. 
NTI  serves  as  contractor  to  the  IRS,  with 


Alpine  Access  serving  as  sub-contractor. To 
date,  NTI  is  a  registered  employer  in  42 
states,  which  also  makes  it  attractive  to 
other  outsourcers  that  want  to  extend  their 
reach  without  registering  as  an  employer  in 
each  state. 

Willard  also  credits  the  advent  of  flat-rate, 
long-distance  calling  plans  for  making  her 
nationwide  workforce  attractive.  Before 
flat-rate  calling,  call  center  outsourcers 
tended  to  keep  their  agent  pools  close  to 
the  service  provider’s  network,  so  as  to 
avoid  the  $2.40  per  hour,  per  call,  in  long¬ 
distance  charges.  But  with  flat-rate  calling, 
that  barrier  is  removed.Willard’s  employees 
make  only  two  or  three  calls  per  day  dial¬ 
ing  in  for  each  shift  then  staying  connected 
for  its  entirety,  three  or  four  hours.  “As  long 
as  it’s  legal,  we  hope  it’ll  tide  us  over  until 
VoIP  comes  along,”  she  says. 

Grabowski  puts  in  about  15  hours  per 
week.  He  logs  on  to  the  Alpine  Access 
ACD  system  and  from  there,  signs  up  for 
the  hours  he  is  available  —  working  typi¬ 
cally  in  two-hours  on/two-hours  off  incre¬ 
ments.  He  runs  through  independent 
training  exercises,  accesses  reference 
materials  and  attends  live  online  training 
sessions  with  Alpine  Access  trainers. 
When  he’s  on  duty,  he  logs  on  using  a  hard 
phone  and  a  soft  phone,  and  is  supported 
by  a  supervisor  who  fields  tough  ques¬ 
tions  via  a  chat  room. 

“When  it’s  not  very  busy  at  7  a.m.  Eastern 
time,  we  have  a  little  fun  in  the  chat  room,” 
Grabowski  says.  “Someone  will  say  ‘Who 
brought  the  doughnuts?’  or  ‘I’ll  put  on  a 
fresh  pot  of  coffee.’” 

People  on  disability  can  earn  up  to  $830 
per  month  without  affecting  their  monthly 
benefits.“For  me.  the  money  makes  a  huge 
difference  in  everything,”  Catanese  says. 

The  program’s  launch  was  a  bit  bumpy 
Initially  scheduled  to  begin  nearly  a  year 
ago,  some  last-minute  red  tape  and  regula¬ 
tions  resulted  in  a  seven-month  delay  And 
this  tax  season,  NTI  employees  are  supple¬ 
mented  by  Alpine  Access’  call  center  staff 
because  the  process  of  registering  employ¬ 
ees  to  work  for  the  IRS  is  extensive.  In  addi¬ 
tion  to  full  background  checks,  each  NTI 
employee  was  required  to  be  fingerprinted 
at  a  police  station  that  still  used  real  ink 
rather  than  electronic  scanning.This  meant 
many  of  the  disabled  workers  had  to 
arrange  transportation  to  police  stations  as 
far  as  an  hour’s  drive  away. 

Nevertheless,  the  program,  which 

See  IRS,  page  23 
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launched  last  September,  is  running 
smoothly  Willard  says.  When  tax  season 
ends,  some  of  NTI’s  workers  will  continue 
to  answer  the  1-800-TAXFORMS  number. 
Alpine  Access  plans  to  employ  others 
to  serve  different  clients  until  tax  season 
ramps  up  again  next  January. 

NTI  has  launched  two  other  small 
pilots  with  the  federal  government,  with 
the  Department  of  Labor,  and  Centers 
for  Medicaid  and  Medicare  (CMM) 
Services.  Of  CMM’s  3,000  onsite  call  cen¬ 
ter  agents,  only  two  are  disabled  home 
workers.  At  the  Labor  Department,  three 
of  its  100  agents  are.  However,  Willard 
says  the  Labor  Department  promises  to 
employ  disabled  workers  in  all  new  jobs 
(created  through  attrition  and  growth) 
moving  forward. 

“The  most  important  thing  about  this 
job?  At  45  years  old,  I’ve  made  my  moth¬ 
er  proud,”  Catanese  says.  “To  finally  see 
me  doing  something  that  actually  works, 
she’s  a  happy  person  right  now"  ■ 


AR0  expands  at-home  jobs  beyond  call  center 


Firms  finally  are  beginning  to  accept  — 
even  embrace  —  the  idea  of  sending 
call  center  jobs  home.  But  other  types 
of  back-office  jobs?  No  way. 

Yes,  way.  Certain  industries,  initially 


healthcare  and  insurance, are  beginning  to 
move  a  variety  of  other  jobs  home,too.Take 
a  $55  million  health  clinic  in  the  Kansas 
City  area.  Just  three  months  after  it  out¬ 
sourced  its  call  center  operation  to  ARO 


Outsourcing,  the  clinic  came  back  and  said, 
in  effect,  “You’ve  exceeded  our  expecta¬ 
tions.  We’re  sold  on  the  virtual  model.  Help 
us  move  every  department  we  can  home.” 

Today  ARO  is  transitioning  the  clinic’s 
appointment  scheduling,  doctor  paging, 
patient  insurance  pre-certification  and  pay¬ 
ment  collection  tasks  to  its  home-based 
agents.  “They  were  having  the  same  prob¬ 
lems  in  these  departments  as  in  its  call  cen¬ 
ter,”  says  ARO  CEO  Michael  Amigoni.“They 
couldn’t  hire  the  right  people.Turnover  was 
so  high  that  quality  suffered.  Why  not  use 
the  same  virtual  model  to  fix  it?” 

The  big  reason  is  that  companies  don’t 
think  they  can  measure  performance. 
They’re  comfortable  with  virtual  call  cen¬ 
ters  because  agent  quality  and  productivity 
is  easy  to  measure.  You  can  monitor  calls 
and  require  agents  to  take  25  calls  per 
hour,  keeping  each  under  2  minutes,  for  in¬ 
stance.  But  firms  don’t  readily  know  how  to 
apply  performance  metrics  to  other  jobs. 

“With  this  client,  we  asked, ‘What  existing 
metrics  do  you  have?’”Amigoni  says.  In  the 
case  of  insurance  pre-certification,  each 
clerk  is  assigned  a  doctor  or  group  of  doc¬ 
tors  whose  patients  the  clerk  must  certify 
within  a  24-hour  period. Then,  ARO  helped 
uncover  deeper  metrics  by  accessing  data¬ 
base  stats  that  showed,  among  other  things, 
the  number  of  pre-certifications  each  clerk 
handled  daily 

“If  you  can’t  measure  performance,  you 
probably  have  a  workflow  problem,”  Ami- 
goni  says.  “It’s  a  matter  of  getting  enough 
knowledge  about  an  industry  identifying 
what  tasks  need  to  be  done,  and  moving 
them  out.  Add  a  metric,  and  rock  and  roll.” 

Kistner  is  the  managing  editor  of  the 
Net.  Worker  section  of  Network  World.  She 
can  be  reached  at  tkistner@nww.com. 


When  It  Comes  to  True  Innovation, 
Thqre  Is  Only  One  Fish  in  the  Pond 
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Introducing  the  Belden  IBDN™ 
System  10GX.  Clearly  the  most 
innovative  UTP  structured  cablir ; 
solution  in  the  marketplace. 

Sometimes  you  have  to  take  a  big  leap  in  your  thinking 
to  get  to  something  that’s  truly  new  —  and  truly  great. 
That's  what  w  ve  done  with  our  10  (  Solution. 

Our  10GX  Solution  isn't  an  improved  or  boosted  Category  6 
system,  but  a  revolutionary  new  system  designed  around 
a  series  of  dynamic  enabling  technologies  that  deliver 
on  the  two  most  critical  factors  in  10  Gigabit  service: 
reduction  of  Alien  Crosstalk  and  controlled  performance 
up  to  a  minimum  of  500  MHz. 

To  accomplish  Beyond  1 0G™  performance,  we've 
developed  four  totally  new  enabling  technologies  — 
technologies  that  allow  the  Belden  IBDN  System  10GX 
to  deliver  guaranteed  performance  up  to  625  MHz. 


•  SpiralFleX™  Cable  technology  that  increases  randomization 
and  greatly  improves  Alien  Crosstalk  performance 

•  Matrix  (DC™  Module  technology  which  eliminates 
the  issue  of  Alien  Crosstalk  between  modules, 
offering  performance  30  times  better  than  Cat  6 

•  FleXPoint  PCB  Module  technology  that  positions 

the  compensation  circuitry  directly  at  the  plug’s  point  of 
contact,  offering  unbeatable  mated-connection  performance 

•  X-Bar™  Module  termination  technology  that  assures 
accurate  module/cable  termination  and  reduces 
installation  differences 

10GX  is  truly  the  most  advanced  10G  system  in  the 
marketplace  —  in  fact,  every  other  system  is  just 
treading  water. 

For  more  information,  please  call 
Belden  CDT  Networking 
at  1-800-2C  -9334. 

www.BeldenlBDN.c  n 
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Introducing  the  >un  Grid  for  $i/c  u-hr. 
The  network  i  >  yo  u r  om  puter. 

If  you’re  paying  more  than  $i/cpu-hr  to  build  and  run  your  own  gr  ,  you’re  overpaying.  Because  that’s  the  price  at  which 
our  grid  is  available  to  yo  ;  Pay  $l/cpu-hr,  and  leverage  out  capital  spend,  SPARC®  or  x86  computers,  storage,  and  facilities 
to  run  your  business.  From  Monte  Carlo  simulations  to  reservoir  simulation..  Protein  modeling  to  movie  rendering,  l  cpu  to 
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We  map  the  industry’s  progress  on 
the  journey  to  the  new  data  center. 


BY  JULIE  BORT 

hen  you  think  about  it,  you  have  only  two 
ways  to  travel. You  can  select  a  destination 
and  make  travel  plans  to  get  you  there.  Or 
you  can  focus  on  the  journey  and  wander 
with  no  real  endpoint  in  mind.  When  it 
comes  to  migrating  today’s  IT  infrastructure  to  its  next-generation  form, 
the  new  data  center,  network  executives  already  on  their  way  agree  that 
the  destination  method  is  superior.  Nevertheless,  many  say  they  feel 
forced  into  wandering. 

“When  I  think  of  enterprise  architecture,  I  think  of  our  general  direction  on  how  we  want  to  build 
and  deploy  systems.  We  plan  about  five  years  out,  but  we  keep  changing  that  plan  about  every 
month,  it  seems,  to  remain  responsive  to  the  business,” says  Dave  Cogswell,  director  of  technical  ser¬ 
vices  at  Data-Tronics,  the  IT  subsidiary  of  ABF  Freight  System,  in  Fort  Smith,  Ark.  Being  nimble  lets 
IT  be  driven  by  business  need  but  it  makes  the  feasibility  of  accurate,  long-range  planning  “very 
debatable,”  Cogswell  contends. 

Yet,  when  considering  the  enormous 
changes  required  to  build  the  new  data  center, 
a  long-term  architecture  goal  becomes  a  must, 
experts  argue.  Only  with  a  destination  in  mind 
can  network  executives  make  intelligent  deci¬ 
sions  about  the  technologies  they  need  to 
build  a  new  data  center  infrastructure. 

“You  can  sit  back,  follow  the  herd  and  stay  in 
the  mainstream.  [But]  it’s  too  hard  to  interpret 
the  world  in  that  kind  of  read-and-react 
approach.  If  you  see  a  change  that’s  dramatic 
coming  down  the  pipe,  it  behooves  you  to 
have  a  plan  and  to  have  an  architecture  for 
where  you  are  trying  to  get,”  says  Geoffrey 
Moore,  author  and  managing  director  of  con¬ 
sulting  firm  TCG  Advisors.  Moore  advocates  an  architectural  plan  that  looks  as  far  as  10  years  out. 
(See  related  story,  page  S22.) 

The  new  data  center  has  moved  from  the  conceptual  idea  it  was  a  year  ago  to  a  production  infra¬ 
structure  that  today’s  early  adopters  are  testing  and  deploying.  As  the  new  data  center  evolves,  all 
agree  that  a  long-range  plan  will  be  based  on  two  ideas.  First,  the  new  data  center  relies  on  a  new 
business  model,  the  extended  enterprise,  which  is  in  itself  the  basic  building  block  for  yet  another 
emerging  business  model  —  the  global  ecosystem.  Second,  the  basis  for  the  extended  enterprise’s 
(and,  eventually,  the  global  ecosystem’s)  IT  infrastructure  will  be  change  management. 

The  network  executive’s  objective  when  building  and  supporting  the  extended  enterprise  busi¬ 
ness  model  is  to  create  an  environment  that  offers  equally  safe,  reliable  and  productive  IT  systems 
for  all  user  constituents.be  they  employees,  customers,  suppliers  or  what  have  you. The  challenge 
for  network  executives  in  executing  on  this  promise  will  be  providing  a  consistent  level  of  service 
while  being  extremely  adaptable  —  the  only  constant  will  be  change. Vendors  and  analysts  across 
the  board  are  evangelizing  their  visions  and  terminology  for  this  adaptive  (HP’s  term),  grid-like 
(Oracle),  on-demand  and  autonomic  (IBM)  dynamic  IT  (IDC)  infrastructure. 


U  u  see  a  change  that’s 
dramatic  coming  down  the 
pipe,  it  behooves  you  to 
have  a  plan  and  to  have  an 
architecture  for  where,  you 
are  trying  to  get. 


-  GEOFFREY  MOORE,  author  and  managing  director 
of  consulting  firm,  TCG  Advisor. 
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All  visions  have  common  core  components. 
These  visions  see  the  infrastructure  as  a  system  of 
componentized,  automated  and  hot-swappable 
services  glued  together  with  best  practices.This  is 
a  vastly  different  mindset  than  the  traditional 
view  of  the  infrastructure  as  a  mix  of  wires,  boxes 
and  software. 

With  the  traditional  viewpoint,  the  technology 
stars  as  the  basis  of  the  architecture  vision.  But 
because  technology  changes  more  rapidly  than  a 
large  company  can  examine,  test  and  deploy  it, 
such  a  viewpoint  has  become  problematic. 

“Rather  than  being  an  inhibitor  of  change,  IT 
should  be  an  enabler.  The  fact  that  it  isn't  is  ironic 
since  flexibility  was  a  key  expectation  of  IT  from  the 
beginning,"  says  Russ  Daniels, CTO  of  software  and 
adaptive  enterprise  at  HP.“We  think  it  is  important 
that  you  approach  [adaptive  enterprise  architec¬ 
ture]  holistically,  not  as  a  technology  concern.  We 
don’t  think  it  is  about  moving  from  this  messag¬ 
ing  system  to  that  messaging  system  or  rewriting 
code  from  this  to  that.  You  will  become  adaptive 
as  a  result  of  thousands  of  architecture  decisions 
you  make  over  a  period  of  years.” 

Daniels  learned  this  while  re-engineering  HP’s 
IT  architecture  after  the  Compaq  merger.  “At  the 
time  of  the  merger,  we  were  spending  72%  of  our 
IT  budget  on  operations  and  28%  on  what  we 
identified  as  innovation  —  new  capabilities 
available  to  the  business.The  objective  of  HP  is  to 
be  at  more  of  a  50/50  split,”  he  says. 

To  get  there,  Daniels  realized,  HP  had  to  identify 
and  automate  the  manual  tasks  in  which  human- 
caused  errors  were  driving  up  maintenance 
costs.  Automation  can  become  an  ideal  lens  by 
which  to  envision  the  entire  new  enterprise 
architecture,  he  says. 

Users  who  have  tried  this  approach  agree.  “The 
whole  change  management  process  —  utility 
computing  —  is  the  way  to  view  IT,”  says  one  IT 
executive  from  a  Fortune  500  insurance  company 
that  recently  completed  an  18-month  project  to 
automate  server  and  application  management 
with  data  center  automation  software  from 
Opsware. 

“Our  soft  spot  was  systems,  where  IT  head 
counts  per  server  were  high.  We  wanted  to  in¬ 
crease  the  number  of  servers  being  supported  by 
one  person,  and  we  looked  at  automation  tools  to 
help  us  automate  processes,"  says  the  user,  who 
asked  not  to  be  identified. 

“Tools  like  Opsware  will  help  us  get  where  we 
want  to  go  without  re-engineering  the  whole  in¬ 
frastructure.”  He  now  is  looking  at  how  change 
management  can  become  the  foundation  of  his 
company’s  next-generation,  utility  computing- 
type  architecture. 

A  new  model 

As  network  executives  build  out  their  extended 
enterprises  into  global  ecosystems,  they  are  learn¬ 
ing  that  their  industry  will  dictate  much  of  their 
architecture  needs. 

“A  lot  of  what  happens  in  on-demand  only  comes 
to  life  in  an  industry  context  ...formed  and  inspired 
by  industry  thinking,”  says  John  Lutz,  global  vice 
president  for  on-demand  at  IBM. To  that  end,  ven¬ 
dors  such  as  IBM,  HP  and  Oracle  have  developed 
detailed  architectural  maps  for  most  of  the  major 
industries.  These  maps  are  excellent  starting 

See  Status,  page  S6 


The  new  data  center: 

A  conceptual  model 

This  conceptual  model  depicts  the  layers  that  compose  a  basic  next-generation 
infrastructure.  Each  layer  becomes  an  adaptable  service  that  may  be  built  and 
managed  internally  or  outsourced  on  demand. 


Client  layer:  Computers  and 
voice  devices  are  joined  by 
automated  machine-to- 
machine  devices  —  such  as 
items  tagged  with  RFID  chips 
that  will  generate  high  levels 
of  network  traffic. 


Network  layer:Traditional 

access  services  are  joined 
by  new  business-class 
services. 


Identity  management  layer: 

This  is  the  core  security 
method. 


Business  processes  layer: 

The  heart  of  IT  is  business 
processes  available  as 
services. 


Virtualized  infrastructure  layer: 

Already  popular,  IT  compo¬ 
nents  such  as  servers  and 
storage  are  managed  as  a 
pool  of  resources. 


Best  practices  and  procedures: 

With  many  of  the  low-level  manual 
processes  automated,  the  model 
calls  for  strong  guidelines  for  the 
remaining  manual  processes. 


Systems  and  security  management 

A  holistic  view  is  presented  of 
how  the  entire  infrastructure 
supports  and  protects  business 
processes. 
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Where  IP  and  telecom  unite. 
Where  security  is  offensive,  not  defensive. 
Where  e-commerce  is  safe  commerce. 
Where  content  is  mobile  and  personal. 

Where  infrastructure  is  more  intelligent. 


FIND 


NSACT 


VeriSign. 
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And  we  handle  over  30  percent  of  all  e-commerce  transactions  in  North 
America,  processing  $100-million  in  daily  sales.  As  next-generation  net¬ 
works  emerge  and  converge,  VeriSign  will  be  there,  deploying  the 
Intelligent  Infrastructure  Services  necessary  for  everything  from  RFID- 
enabled  supply  chains  to  inter-enterprise  VoIP  to  mobile  and  rich  media 


Billions  of  times  each  day,  the  world  interacts  with  a  company  you  may  not 
realize  is  there.  One  that  is  driving  dynamic  transformations  at  the  very 
core  of  commerce  and  communications.  VeriSign.  Through  our  Intelligent 
Infrastructure  Services,  we  enable  businesses  and  individuals  to  find, 
connect,  secure,  and  transact  across  today’s  complex  Internet,  telecom, 
and  converged  networks. 


content  distribution. 


We  operate  the  systems  that  manage  .com  and  .net,  handling  14-billion 
Web  addresses  and  emails  every  day.  We  run  one  of  the  largest  telecom 
signaling  networks  in  the  world,  enabling  services  such  as  cellular  roaming, 
text  messaging,  caller  ID,  and  multimedia  messaging.  We  manage  network 
and  user  security  for  over  3,000  global  businesses  and  400,000  Web  sites. 


Whether  you're  a  telecom  carrier  looking  to  rapidly  deploy  new  services;  a 
Fortune  500  enterprise  needing  comprehensive,  proactive  security  services; 
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Status 

continued  from  page  S4 

points  for  long-range  planning,  users  say 

Many  companies  in  the  utility,  automotive  and 
electronics  manufacturing  industries  already  are 
shifting  their  architectures  to  the  new  data  center 
model  and  can  serve  as  examples.  Key  indicators 
of  how  far  along  a  particular  industry  is  include 
the  adoption  rate  of  bellwether  technologies  such 
as  virtualization,  XML,  Web  services  and  service- 
oriented  architectures,  says  Frank  Gens,  senior 
vice  president  of  research  at  IDC.  Other  factors  in¬ 
clude  how  volatile  the  market  is  and  how  infor¬ 
mation-intensive  the  industry  is. 

While  the  particular  industry  might  dictate  the 
specific  architectural  map,  several  constants  are 
emerging  as  the  basis  for  the  new  data  center.  For 
instance,  the  infrastructure  is  becoming  a  series 
of  services  that  can  be  built  in-house,  outsourced 
or  both. 

The  generic  model  comprises  five  layers,  plus 
two  cross-layer  elements: 

•  The  client  layer.  As  always,  the  client  in¬ 
cludes  computers  and  voice  devices,  and  combi¬ 
nation  voice/data  wares.  But  a  different  kind  of 
client  emerges  in  the  new  data  center:  one  that 
will  end  up  generating  most  of  the  traffic.This  will 
be  a  machine-to-machine  automated  device, such 
as  anything  sporting  a  radio  frequency  ID  chip 
(appliances,  automobiles  and  pallets  of  goods). 

With  so  many  more  clients  on  the  average  net¬ 
work,  the  infrastructure  will  be  handling  a  “quan¬ 
tum  leap”  of  data,  Gens  says. 

This  is  one  of  the  pressing  reasons  that  a  long¬ 
term  move  to  the  new  data  center  will  be  neces¬ 
sary.  With  the  client/server-based  architecture  of 
today,  “if  you  throw  an  order  or  two  more  of  data 
on  top  of  it,  the  thing  breaks.  Let’s  build  a  more 
solid  foundation,”  he  says. 

•  The  network  data  access  services  layer. 
This  includes  LANs  and  other  private  enterprise 
networks,  leased-line  WAN  services,  public  access 
networks  like  the  Internet  or  metropolitan-area 
networks  and,  eventually  business-class  public 
networks,  such  as  infranets  (see  www.nwfusion. 
com,  DocFinder:  5427). 

•  The  federated  identity  management  ser¬ 
vices  layer.  This  layer  provides  the  security  back¬ 
bone.  Through  a  centralized  service,  users  and 
machines  will  gain  access  to  specific  business  ser¬ 
vices.  Automated  roles-based  provisioning  will  play 
a  big  part,  quickly  granting  and  revoking  access 
based  on  job  function  or  type  of  machine. 

•  The  business  process  management  layer. 
This  is  emerging  as  the  heart  of  the 
infrastructure,  composed  of  three 
pieces  —  management,  analytics 
and  the  business  processes. 

In  Daniel’s  view,  network  execu¬ 
tives  would  be  wise  to  make  a  dis¬ 
tinction  between  business  pro¬ 
cesses  offered  as  services  (say  a 
funds-transfer  application, available 
to  all  financial  applications)  and 
processes  that  ensure  a  service’s 
availability  (such  as  performance 
monitoring  tools  and 
network/storage/CPU 
capacity).  This  distinc¬ 
tion  will  let  network 


executives  understand  the  costs  involved  in  pro¬ 
viding  specific  business  services.  With  that  they 
can  conduct  ROI  analysis  or  build  an  adaptive, 
utility  computing  structure  complete  with  charge- 
backs.  Analytics  also  should  be  an  element. These 
are  IT  systems  that  help  the  business  folks  docu¬ 
ment  performance  and  predict  future  needs. 

•  The  virtualized  infrastructure  services 
layer.  This  is  the  computational  and  data  access 
foundation  on  which  all  else  rests  and  is  the  layer 
that  most  companies  currently  are  exploring  or 
implementing. 

Servers  and  storage  become  managed  as  a  sin¬ 
gle  pool  of  resources.  Over  time,  grid  computing 
will  be  added  to  many  enterprise  infrastructures 
and  will  boost  CPU  power  for  computational¬ 
intensive  tasks. 

In  fact,  the  concept  of  virtualization  is  being 
applied  generally  across  the  entire  model  —  mak¬ 
ing  network  capacity  available  on 
demand,  and  purchasing  enter¬ 
prise  applications  such  as  sales- 
force  automation  or  enterprise  re¬ 
source  management  in  applica¬ 
tion  service  provider  form. 

Two  architectural  beams  will 
support  all  the  layers:  industry- 
standard  best  practices  and  pro¬ 
cedures,  such  as  the  IT 
Infrastructure  Library  (ITIL),  and 
systems  and  security  manage¬ 
ment,  for  monitoring 
and  performing  QoS 
functions. 


Getting  from  here  to  there 

Of  course,  envisioning  an  ultimate  architecture 
is  the  easy  part.  Taking  action  to  get  the  IT  organ¬ 
ization  there  is  another.  The  migration  path  re¬ 
quires  testing  out  architecture  planning  for 
smaller  time  frames  and  in  smaller  chunks,  says 
Scott  Richert,  director  of  network  services  for 
Sisters  of  Mercy  Health  System,  in  St.  Louis  (see 
story,  DocFinder:  5426). 

Richert  is  restructuring  IT  to  standardize  and 
automate  server  and  application  management 
and  to  implement  identity  management,  among 
overhaul  projects.  He  creates  three-year  technol¬ 
ogy  road  maps  for  individual  portions  of  his  infra¬ 
structure  using  what  he  calls  “life-cycle  phasing.” 
Technologies  are  investigated  and  used  in  pilot 
programs  during  the  “sunrise”  phase,  he  says. 
Buying  and  implementation  take  place  during 
the  “mainstream”  phase.  During  the  “sunset” 
phase,  IT  supports  the  systems  but  does  not  pro¬ 
cure  new  systems.  After  sunset,  the  technologies 
are  retired. 

While  Richert  has  yet  to  create  a  single,  long¬ 
term  life-cycle  phasing  plan  for  his  entire  net¬ 
work,  he  is  inching  toward  one.  “I’ll  do  multiple 
parts  to  a  map  . . .  and  I  encourage  my  team  to 
take  the  time  to  map  and  to  take  it  seriously  The 
data  center  infrastructure  is  being  built  around  a 
business  process  framework  and  we  need  to  plan 
for  key  metrics  such  as  cost  vs.  benefit,  redun¬ 
dancy  and  meaningful  service-level  metrics,  tied 
to  businesses  processes.That’s  not  easy  to  do,  but 
it’s  important,”  he  says. 

Plus,  as  any  traveler  can  tell  you,  the  value  of  an 
accurate  map  cannot  be  underestimated.  ■ 


More  Online! 

Head  online  for  an  interactive  version  of  Network  World's  new  data 
center  conceptual  model.  DocFinder:  5830 
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When  apps  are 


Application  virtualization  can  help  your  infrastructure 
work  harder  and  faster  while  re  ducing  costs. 


We  can  use  what;  we  have  to 
its  full  capacity  and  have 
more  flexibility  in  acquiring 
hardware  resources. 

-  ROBERT  ORTEGA,  chief  business  architect,  Wachovia 


BY  JAMES  GASKIN 

wo  years  ago. Paul  Little.senior  architect 
at  Fidelity  National  Financial  in  San 
Diego,  faced  a.  crisis.  Server  hardware  and 
operating'  system  costs  were  growing  out  of 
control  as  Little  struggled  to  provide  the  com¬ 
pany’s  IT  team  with  various  client  and  server  configurations. 
These  were  needed  to  support  more  than  30  customized  ver¬ 
sions  of  a  large  commercial  lending  application  used  bv  the 
firm’s  real  estate  and  financial  services  customers. 

"We  had  a  silo  environment,  with  each  customer  in  its  own  little  world." 
Little  says. 

When  a  new  IT  employee  learned  of  the  situation,  lie  suggested  application 
virtualization  —  in  particular,  application  virtualization  using  Softricitv's 
SoftGrid  software.  The  staffer  had  worked  with  SoftGrid  previously  and  felt 
it  could  provide  the  means  of  curbing  server  hardware  and  operating  sys¬ 
tems  growth  at  Fidelity  National. 

Softrjcity  is  among  a  small  number  of  vendors  offering  application  virtual¬ 
ization  products.  Each  vendor  takes  a  different  approach,  lint  the  general 
purpose  of  application  virtualization  is  to  separate  application  code  from 

the  restrictions  of  individual  servers,  operating  systems  and  clients.  This  is 
much  like  storage  virtualization,  which  uses  an  abstraction  layer  to  sep- 
arate  stored  information  from  individual  drives, 

.Softricitv's  SoftGrid  lets  applications  run  Oh  Windows  comput- 
9k  ers  without  installation  or  alteration  to  their  host  Operating  sys- 
terns.  SoftGrid  “sequences"  Windows  applications  by  capturing, 

■  the  installation  process  and  creating  customized  application 

■  components  that  it  then  provides  to  clients  via  the  Soffricity 
A  Application  Server. 

Because  the-  applications  are  never  permanently  loaded 
A  on  the  client  —  running  only  in  the  customized  Softricity 
■  environment  —  license  requirements  apply  only  to  the  cen- 
tral  server. 

rising  SoftGrid.  applications  from  remote  servers  can  run 
locally  without  changes  to  the  local  environment,  and  mul¬ 
tiple  versions  of  an  application  can  run  on  the  same  client 
concurrently. 

Easy  decision 

Despite  initial  skepticism  about  the  application  vir¬ 
tualization  concept  Little  heeded  the  new  employ 
ee’s  advice  and  let  Softricity  conduct  a  proof-of-con- 
cept  demonstration  with  Fidelity  National  applica¬ 
tions.  That  was  all  the  convincing.  Little  needed. 
“That  sold  us.  seeing  multiple  versions  of  our  appli¬ 
cation  running  side  by  side  on  our  client  support  sys¬ 
tems,”  lie  says,  noting  that  within  six  months  develop¬ 
ers  were  using  SoftGrid  for  all  support  needs. 

Fidelity  National  uses  Citrix  servers  to  distribute  applications  to  local 
and  remote  clients.  Developers  in  the  ILK.  and  in  India,  and  Consultant s 
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What  is 
data  center 
on  demand? 


Now  you  can  quickly  deploy  a 
standard-  or  high-density  site  of  any  size 
with  scalable,  top-tier  availability. 


Part 

Number 

Usable 

IT  Racks 

Average 
kW  per  Rack 

Price 
to  buy 

Price  to  lease 
(36  installments) 

ISXCR1SY16K16P5 

1 

up  to  5kW 

$1 4,999* 

$499 

ISXT240MD6R 

6 

up  to  5kW 

$1 49,999* 

$4,999 

ISXT240MD11R 

11 

up  to  5kW 

$249,999* 

s7,999 

ISXT280MD40R 

40 

up  to  5kW 

$699,999* 

*21,999 

ISXT2800MD100R 

100 

up  to  5kW 

$1 ,649,999* 

s50,999 

High  Density  Configuration  (shown  above) 

ISXT280HD8R 

8 

up  to  lOkW 

$399,999* 

$1 2,999 

All  multi-rack  configurations  feature: 

/  N+  7  power  and  cooling 

Secure,  self-contained  environment 

V  Peak  capacity  of  20kW  per  rack 
yf  Enhanced  service  package 

✓  Integrated  management  software 


Infrastructure' 

DATA  CENTERS  ON  DEMAND 

Highly  available  and  manageable, 
quick-to-install,  scalable  architecture 
that  easily  supports  both  standard- 
and  high-density  applications. 

-  Up  to  20 kW  a  rack  for  any 
blade  server  application 

-  Unlimited  racks 

-  Ships  in  5  days  ** 


High  density  upgrades  start  at  $1 0,999 
On-site  power  generation  options  start  at  $29,999 


-  Installs  in  1  day** 


Order  your  solution  today.  Call  888-289-APCC  x3335. 

Don't  see  the  configuration  you  need? 

Try  APC's  online  InfraStruXure  BuildOut  Tool 
today  and  receive  3  FREE  APC  white  papers. 

Go  to  http://promo.apc£om  and  enter  key  code  y368y 

InfraStruXure"*  BuildOut  Tool 


-  Optional  on-site 
power  generation 

-  Raised  floor  not  required 

-  Vendor  neutral  guaranteed 
compatibility 
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*  Prices  do  not  include  IT  equipment  **  Install  and  delivery  times  may  vary 
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continued  from  page  S8 

at  customer  sites,  receive  access  from  the  Soft- 
Grid  application  servers  running  on  Citrix.  Sales¬ 
people  can  demonstrate  commercial  lending  soft¬ 
ware  managed  by  Softricity  while  sitting  in  a 
prospect’s  office. 

Little  counts  some  serious  cost  savings.“One  appli¬ 
cation  we  sequenced  through  SoftGrid  to  leave  as  a 
single  environment  with  multiple  client  instances 
saved  us  from  spending  $50,000  for  a  second  server 
hardware  license,”  he  says. 

Future  plans  include  providing  SoftGrid  to  the 
Fidelity  National  groups  that  serve  as  their  cus¬ 
tomers’  support  departments;  this  would  reduce  the 
number  of  Citrix  installations  required.  And  disaster- 
recovery  planners  soon  will  integrate  SoftGrid  into 
their  plans  by  serving  all  applications  from 
at  least  two  data  center  locations. 

“Reducing  management  headaches  of 
our  environment  was  the  biggest  issue 
for  our  SoftGrid  solution,”  Little  says. 

One,  two,  three 

Saving  money  on  server  hardware  and  operating 
system  licenses,  better  utilization  of  existing  equip¬ 
ment  and  better  management  of  enterprise  applica¬ 
tions  are  benefits  touted  by  users  of  other  applica¬ 
tion  virtualization  products  as  well. 

DataSynapse’s  GridServer  virtualization  product 
has  made  a  world  of  difference  for  the  applications 
environment  at  Wachovia,  says  Robert  Ortega,  chief 
business  architect  at  the  Charlotte,  N.C.,  financial 
services  firm.“Our  main  benefits  are  that  we  can  use 
what  we  have  to  its  full  capacity  and  we  have  more 
flexibility  in  acquiring  hardware  resources,”  he  says, 
noting  that  he  implemented  GridServer 
three  years  ago  for  the  firm’s  Corporate 
and  Investment  Bank  (CIB)  division. 

With  its  GridServer  (formerly  named 
LiveCluster)  software,  DataSynapse 
applies  grid  computing  to  application  virtu¬ 
alization  —  essentially  fracturing  applications  and 
spreading  the  pieces  across  the  data  center. 
Applications  can  migrate,  using  pre-configured 
policies,  to  under-used  servers  in  a  supply-matches- 
demand  process.  Autonomic  computing  processes 
ensure  support  of  applications  needing  resources 
by  a  pool  of  heterogeneous  servers. 

DataSynapse  relies  on  Web  services  specifications 
and  standards  such  as  Organization  for  the  Ad¬ 
vancement  of  Structured  Information  Standards’ 
Web  Services  Resource  Framework  and  the  World 
Wide  Web  Consortium’s  Web  Services  Description 
Language  (WSDL)  to  expose  computing  resources 
as  proxies  to  users  and  developers.  Use  of  proxies 
eliminates  the  need  for  client-side  binding,  so  no 
application  installation  files  are  loaded  locally  and 
lets  business  logic  be  hosted  separately  from  spe¬ 
cific  server  resources.  By  creating  a  stateful  connec¬ 
tion  through  the  abstraction  layer,  DataSynapse  can 
deliver  the  benefits  of  a  grid  system  while  still  pro¬ 
viding  the  two-phase  commit  process  demanded  in 
transaction  processing  environments. 

GridServer  helps  Wachovia  handle  big  transac¬ 
tion  volumes  while  meeting  high-performance  and 
availability  requirements  because  it  divides  appli¬ 
cations  from  the  underlying  system  they’re  invok¬ 
ing,  Ortega  says.  “The  abstraction  layer  allows  us  to 
make  changes  to  the  underlying  systems  without 
impacting  users.  [We  can]  leverage  existing 


resources  with  the  grid-aware  system,  and  the  user 
never  knows  the  difference,”  he  adds. 

With  DataSynapse  running  on  several  hundred 
Solaris  and  Windows  servers,  Wachovia  now  han¬ 
dles  four  times  more  volume  and  up  to  25  times 
more  financial  modeling  simulations  than  it  did 
without  application  virtualization.  “One  risk  report 
that  took  15  hours  now  can  be  prepared  in  about  15 
minutes,”  Ortega  says. 

Bank  users  anywhere  in  the  world  have  access  to 
the  DataSynapse  applications  running  CIB  opera¬ 
tions,  including  programs  in  the  credit,  global  risk, 
equity  and  mortgage-backed  securities  areas.  Re- 


1.  Which  goal  is  primary:  decreasing 
hardware,  decreasing  license  count 
or  consolidating  management? 

2.  Do  you  have  a  project  far  enough 
along  that  it  can  be  used  for  proof 
of  concept  by  an  application  virtu¬ 
alization  vendor? 

3.  Has  your  staff  mastered  storage 
virtualization,  and  is  it  ready  for 
the  next  step? 

4.  Can  you  amortize  a  new  system 
over  multiple  functional  areas, 
such  as  improving  remote  access, 
management  upgrades  and  disas¬ 
ter  recovery? 

5.  Do  you  have  an  application  that 
must  run  over  multiple  servers  or 
multiple  applications  that  must  run 
on  a  single  server? 


sources  from  any  location  can  be  pulled  into  the 
grid  to  provide  processing  power  as  needed.  No  cli¬ 
ent  changes  are  required,  although  clients  licensing 
the  DataSynapse  WSDL  compiler  benefit  from  extra 
scalability  support,  Ortega  says. 

Percolating 

A  third  vendor,  Trigence,  takes  yet  another 
approach  to  application  virtualization.  In  its  prod¬ 
uct,  called  Trigence  Application  Environment,  the 
company  focuses  on  the  service  application  layer  as 
the  point  to  separate  an  application  from  the  under¬ 
lying  operating  system.  Trigence  favors  the  term 
“application  containerization”  over  “application  vir¬ 
tualization”  to  describe  the  process  it  uses  to  sepa¬ 
rate  an  application  and  its  operating  system  depen¬ 
dencies,  such  as  libraries  and  device  drivers,  from 
the  rest  of  an  operating  system.  This  decoupling  of 
applications  from  operating  systems  differentiates 
Trigence’s  approach  from  VMware’s  popular  server 
virtualization,  which  supports  multiple  operating 
systems  and  applications  on  one  computer.  For  now, 
Trigence  supports  the  Solaris  1 0  and  Linux  operat¬ 
ing  systems. 


Trigence  says  it  “lifts  and  separates”  applications 
for  easy  object-oriented  management,  including 
copying  and  archiving.  For  example,  a  developer 
could  clone  an  application  so  that  a  second 
instance  could  be  brought  online  to  deal  with 
heavy  demand.  Or  developers  could  place  applica¬ 
tions  in  a  repository  for  the  purpose  of  regulatory 
compliance  —  after  all,  10-year-old  data  isn’t  very 
helpful  if  the  10-year-old  application  is  no  longer 
around  to  interpret  the  data,  Trigence  says.  With 
Application  Environment, a  company  can  set  aside 
the  application  and  data  in  exactly  the  form  used 
in  production. 

Some  early  adopters  also  use  Application  Environ¬ 
ment  for  years-old  applications  that  they’ve  been 
afraid  to  touch  because  they  no  longer  know  how 
to  move,  modify  or  reinstall  them, Trigence  says. With 
Application  Environment, companies  can  gather  the 
application  and  affected  operating  system  compo¬ 
nents  as  a  “unit  of  value”  in  the  data  cen- 
ter.  Separating  application-specific 
details  from  the  underlying  system 
makes  it  easier  to  support  multiple 
applications,  including  those  relying  on 
multiple  operating  systems  on  one  server 
with  a  single  operating  system  license. 

Containerized  applications  can  move  between 
versions  of  operating  system  but  must  stay  within 
the  same  processor  family  That  means,  for  example, 
that  a  company  cannot  move  an  application  for  a 
Sparc  chip  to  an  Intel  chip. 

“Think  of  an  envelope,”  says  Anne  MacFarland, 
director  of  enterprise  architectures  and  infrastruc¬ 
tures  at  The  Clipper  Group.“Trigence  puts  all  the  dif¬ 
ferent  pieces  of  paper  into  a  single  envelope.” 

MacFarland  expects  Trigence’s  idea  of  application 
containerization  to  be  well  received. 
“2005  will  be  the  year  of  the  container? 
she  says.  “Imagine  how  much  better 
your  testing  could  be  if  you  took  four 
versions  of  the  same  program,  all  with 
full  production  data,  and  tested  each  of 
them  at  the  same  time.” 

Virtualized  destiny 

No  doubt,  application  virtualization  does  seem 
destined  for  use  in  new  data  center  architectures, 
and  enterprise  IT  managers  will  have  their  choice 
of  approach. 

Equally  clear  is  that  enterprise  application  ven¬ 
dors  must  do  more  to  support  new  virtualization 
technologies,  particularly  when  it  comes  to  pricing 
and  licensing  issues.  One  major  database  vendor,  for 
example,  might  have  unwittingly  pushed  customers 
toward  virtualization  because  each  version  of  its 
software  refuses  to  coexist  on  servers  with  other  ver¬ 
sions.  Internal  company  developers  have  virtualized 
development  platforms  to  support  multiple  software 
instances  running  on  a  single  server  platform.  This 
provides  flexibility  and,  technically  keeps  them  legal 
with  a  single  server  license. 

The  data  center  wish  list  includes  the  ability  for 
any  client  in  any  location  (virtual  access)  to  con¬ 
nect  to  any  application  (application  virtualization) 
running  any  type  of  processing  (virtual  processing) 
access  any  type  of  data  (virtual  storage).  We  aren’t 
there  yet,  but  application  virtualization  adds  another 
critical  building  block  to  fulfill  those  wishes. 

Gaskin  is  an  author  and  consultant,  and  a  member 
of  the  Network  World  Lab  Alliance.  He  can  be  reached 
at  james@gaskin.com. 
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Middleware  is  Everywhere 


MIDDLEWARE  IS  IBM  SOFTWARE.  The  IBM 

TotalStorage®  Open  Software  Family.  It  automatically 
helps  manage  and  optimize  highly  complex  storage 
environments.  By  centralizing  information.  By  fully  utilizing 
resources.  By  simplifying  data  compliance.  Help  slash 
long-term  storage  costs.  On  demand.  Comprehensive, 
reliable  storage  management  solutions  from  IBM. 


1.  Statistics  from  Asia  retrieved  quickly. 

2.  Paris  client’s  portfolio  accessed  securely. 

3.  Critical  information  archived  automatically. 

4.  Data  kept  within  compliance  guidelines. 

5.  Optimized  storage  supports  heavy  volume. 


Middleware  for  the  on  demand  world.  Learn  more  at  ibm.com/middleware/resource 


DEMAND  BUSINESS 


Middleware 


IBM,  the  IBM  logo,  the  On  Demand  logo  and  TotalStorage  are  registered  tiademaHW 
countries.  £  2005  IBM  Corporation.  All  rights  reserved.- 
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proposi  ion 

Server  consolidation  has 
become  a  proven  me  thod 
to  stop  spiraling  IT  c  sts. 


BY  JOANNE  CUMMINGS 


erver  consolidation  is  fast  becom¬ 
ing  the  strategy  of  choice  for  IT 
organizations  faced  with  burgee  i- 
ing  costs  from  their  distributed 
application  environments.  The 
si  :cess  stories  are  piling  up:  The  Gap  reported  saving 
$2  million  annually  by  consolidating  from  269  two- 
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way  servers  to  10  eight-way  servers,  and  re  Lping 
a  43%  improvement  in  ROI  over  two  years.  Pella 
consolidated  16  Microsoft  Exchange  mail 
servers  down  to  six,  increasing  reliability  and 
cutting  costs  in  half.  JetBlue.com  consolidat¬ 
ed  64  servers  down  to  just  three  boxes, 
saving  more  than  60%  in  staffing  and 
maintenance  costs. 

According  to  1DC  research,  79"  .  of  U.S.  organizations 
1  are  in  the  middle  of  server  and  storage  consolidation 
!  projects,  up  from  52%  in  2000.  “And  the  vast  majority 
—  85%  to  90%  of  the  users  we’ve  surveyed  —  are 
happy  with  the  way  tilings  have  gone  and  plan  to  do 
more,”  says  Matt  Eastwood,  program  director  of 
worldwide  server  research  IDC. 

But  as  with  any  IT  project,  there’s  a  right  way  and  a 
wrong  way  to  approach  server  consolidation.  The  pri¬ 
mary  hurdles  to  success,  users  and  analysts  say,  are  not 
so  much  technical  as  they  are  organizational  and  political. 

Get;  bu1  -in 

When  IT  is  decentralized,  “getting  other  groups  to  buy  in  to  the  consoli¬ 
dation  idea  is  not  easy,”  says  Devin  York,  IT  director  of  financial  systems 
for  Continental  Airlines  in  Houston. 

Under  York’s  guidance,  the  financial  systems  group  spearheaded  the 
consolidation  of  50  application  servers  for  six  departments  onto  two  32- 
way  HP  9000  Superdome  servers  running  HP-UX,  saving  the  airline  $2  mil¬ 
lion  off  the  bat  and  $1  million  a  year  in  maintenance  costs. 

But  Continental’s  internal  setup  made  the  process  difficult.  At  the  air¬ 
line,  IT  projects  are  departmentally  driven.  Over  the  years,  this  had 
helped  each  department  better  track  and  limit  costs,  but  it  had  left  the  com¬ 
pany's  data  center  with  a  hodgepodge  of  space-eating,  difficult-rp-maintain 

See  Consolidation,  page  SI 6 
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LINE-RATE  GIGABIT  &  10  GIGABIT  PORT  DENSITY 


You  admire  precision  engineering  and  seek  out 
maximum  performance.  You  want  the  best.  Presenting 
the  E-Series  from  ForcelO  Networks:  The  first  resilient 
switch/router  to  deliver  672  line-rate  Gigabit  Ethernet 
or  56  line-rate  10  Gigabit  Ethernet  ports  per  chassis  — 
more  than  twice  the  capacity  of  our  competitors. 
That's  Terabit  performance. 


Based  on  ForcelO's  revolutionary  TeraScale'”  technology, 

the  E-Series  delivers  industry-best  metrics  in  density, 

throughput,  resiliency  and  security.  The  advanced 

architecture  of  the  E-Series  ensures  predictable 

performance  with  traffic-variation  dampening, 

provides  control  plane  resiliency  to  prevent  ■Yttminne 

DoS  attacks,  and  supports  line-rate,  real-time  j .  m 
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security  filters  for  high  performance  security.  I*  f 


To  test  drive  the  E-Series  in  your 
network,  contact  us  at  1-866-600-5100 
or  visit  www.force10networks.com. 


independent  TeraScale  test  results  from  The  Tolly  Group,  visit  www.force10networks.com  '  .'".1 4  '  2^0 
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Four  stages  of  server 
consolidation 

Each  stage  Increases  the  complexity  of  the  process  but  also 
Improves  the  payback. 

Server  consolidation  can  mean  a  variety  of  things  to  different  people, 
and  users  considering  launching  a  consolidation  project  would  be  wise 
to  think  through  their  goals.  As  a  starting  point,  consider  these  four 
distinct  phases  for  your  server  consolidation  project,  IDC  says. 


Centralization 

The  easiest  and  most  basic 
stage.  During  this  stage,  IT  cen¬ 
tralizes  its  various  distributed 
application  servers  to  one  data 
center  by  moving  the  physical 
boxes  to  a  central  location. 
Administration  is  eased,  but  not 
much  is  gained  because  the 
applications  remain  tied  to  a 
plethora  of  individual  servers. 


Physical  consolidation 

During  this  stage,  IT  com¬ 
bines  like  application  servers 
—  say  several  Microsoft 
Exchange  mail  servers  — 
onto  fewer  or  larger  systems 
with  the  same  application 
type  or  platform.  This  results 
in  fewer  servers  overall,  lead¬ 
ing  to  lower  maintenance  and 
administrative  costs. 


Data  integration 

During  this  stage,  IT  combines 
applications  with  different  data 
formats  onto  a  single  platform.  For 
example,  it  moves  from  a  mix  of 
database  platforms  to  just  Oracle. 
This  not  only  reduces  the  number 
of  application  servers,  but  stan¬ 
dardization  helps  further  stream¬ 
line  support  and  maintenance 
costs.  /*** 


Application  integration 

provides  the  most  bang  for 
the  buck.  During  this  stage, 
IT  consolidates  servers  sup¬ 
porting  different  application 
workloads  onto  fewer  or 
larger  systems. 

—  Joanne  Cummings 


Consolidation 

continued  from  page  814 

application  servers. 

“Every  group  had  its  own  Web  server,  application  tier  and  database  server,  so 
for  every  group  there  were  at  least  three  boxes  that  needed  to  be  supported  and 
maintained,”  York  says.  Some  mission-critical  departmental  applications  were 
distributed,  as  well.  Some  pieces  of  his  group’s  revenue  accounting  package 
were  housed  on  the  mainframe, while  other  parts  were  on  different  servers 
across  the  company 

“The  systems  and  processes  were  a  little  bit  everywhere, "York  says.“And  that’s 
not  a  great  idea.”This  architecture  was  especially  problematic  when  York’s  group 
looked  to  upgrade  the  revenue  accounting  application  because  simply  finding 
the  various  pieces  and  getting  them  all  synched  up  at  once  was  difficult. 

The  Superdome  was  a  good  fit  for  Continental  because  it  supported  hardware 
partitioning  and  HP-UX,  on  which  most  of  the  various  departments’  mission- 
critical  applications  already  ran,  York  says.  Plus,  consolidating  applications  on 
the  Superdome  would  help  all  the  groups  save  money,  while  providing  each 
with  a  better  server  environment,  complete  with  failover  and  redundancy — fea¬ 
tures  none  could  afford  on  its  own.  Still  some  groups  were  leery 

“Each  group  has  pretty  tough  performance  goals  set  by  management,  so  peo¬ 
ple  were  hesitant  to  give  up  their  hardware,”  he  says.“They  wanted  to  be  able  to 
control  their  own  destinies  when  it  came  to  meeting  yearly  goals.” 

The  trick  was  proving  to  management  that  they  could  meet  or  beat  their  goals 
while  saving  money. “It  came  down  to  a  financial  argument.  We  showed  them 
how  they  could  get  better  availability  and  better  performance  for  15%  less  than 
the  annual  cost  of  supporting  their  own  environments, ’’York  says. 

In  the  end, when  it  came  time  to  justify  costs  to  upper  management,  no  depart¬ 
ment  wanted  to  be  the  odd  one  out.“It  becomes  difficult  for  them  to  say  ‘No’ 
because  the  next  time  they  need  to  upgrade,  their  cost  is  going  to  be  more  than 
ours  and  someone  in  management  will  wonder  why  they  didn’t  go  along  with 


our  consolidation.You  can’t  say  ‘No’  to  better  performance  at  lower  cost  when 
you’re  at  an  airline  that’s  struggling,”  he  explains. 

With  the  re-architecting  of  the  revenue  accounting  project  nearing  deadline, 
the  financial  systems  group  implemented  the  new  Superdome  archi- 
tecture  in  2002,  bringing  applications  from  the  six  other  groups  on- 
|  board  at  the  same  time.  The  financial  systems  group  manages  the 
f  hardware  for  the  others,  although  each  group  retains  responsibility 
^  at  the  application  level. 

Go  slow 

Many  organizations  find  that  starting  with  a  non-critical  application  will 
help  demonstrate  the  consolidation  concept.“We  see  people  targeting  the  low- 
hanging  fruit  first,”  IDC’s  Eastwood  says.  “They  target  the  infrastructure  —  the 
email  systems,  the  file  and  print  servers,  the  networking-type  servers  —  because 
those  are  the  assets  that  IT  has  full  control  over!’ 

At  Zurich  Life,  this  meant  starting  with  development  and  staging  servers. 
Using  VMware  virtualization  software  and  HP/Compaq  ProLiant  DL 

2  380  and  580  servers,  this  financial  insurance  firm  reduced  the  over- 

j  all  number  of  application  servers  from  about  200  Windows-based 
.  v  machines  to  fewer  than  80,  says  Mark  Bradley  who  led  the  project 
and  is  now  applications  development  analyst  at  J.P  Morgan  in 
Schaumburg,  Ill.,  which  acquired  Zurich  Life. 

“To  do  any  sort  of  change  in  the  production  environment,  there  are  so  many 
groups  involved  that  getting  approvals  is  difficult,”  he  says.“But  in  a  staging-and- 
development  environment,  you’re  under  Jthe  radar,  so  getting  a  change  in  and 
out  is  easier!’  Once  you’ve  proved  a  concept  in  the  development  area,  getting 
approvals  and  starting  on  the  production  servers  is  easier,  he  says. 

At  Endress  &  Hauser,  a  global  process  controls  manufacturer, starting  small 
meant  targeting  a  Linux-based  IT  project  management  application  running  on 
several  IBM  AS/400  servers  distributed  throughout  the  company’s  35 
;  k  business  units. “We  started  with  a  very  small  application,”  says  Jan 
Olaf,  executive  board  member  at  Endress  &  Hauser.  Because  only  IT 
Jr  used  this  Linux  application,  Olaf’s  group  felt  comfortable  starting 
with  it.“We  were  the  only  ones  who  were  impacted  by  the  consoli¬ 
dation,  and  we  were  able  to  get  feedback  directly  from  our  own  people,”  he  says. 

Endress  &  Hauser  eventually  consolidated  its  19  production  SAP  systems,  to¬ 
gether  with  associated  DB2  database  servers,  onto  just  two  IBM  zSeries  990 
mainframes  configured  with  48  zSeries  processors,  and  running  a  mix  of  Linux 
and  Windows  2003.The  production  SAP  systems,  which  support  more  than  3,500 
users  in  35  corporate  locations  worldwide,  are  distributed  on  14  logical  parti¬ 
tions,  while  the  databases  are  distributed  on  six  logical  partitions  on  the  zSeries 
990.The  mainframes  are  housed  at  Endress  &  Hauser’s  data  center  in  the  head¬ 
quarters  city  of  Weil  am  Rhein,  Germany 
The  best  consolidation  platforms  can  accommodate  some  kind  of  hardware 
and  software  partitioning  because  the  applications  —  and  the  users  —  some¬ 
times  require  finer  degrees  of  separation,  users  say 
For  example,  HP’s  Superdome  uses  hardware  partitioning,  which  enables  Con¬ 
tinental  to  keep  each  department’s  applications  separated. This  makes  each 
group  more  comfortable  with  the  consolidated  setup.“We  install  everything  and 
do  things  like  failover  for  the  whole  box,  but  at  the  [operating  system]  level,  the 
groups  own  their  applications  and  they’re  all  kept  completely  separate.  And 
that’s  the  way  they  like  it, ’’York  says. 

At  J.P  Morgan,  Bradley  uses  a  mix  of  hardware  and  software  partitions  to 
accommodate  different  applications.  “Some  applications  work  just  fine  in  a 
VMware  environment,”  where  processing  power  is  carved  up  virtually  using 
the  software,  he  says.  “But  for  a  seriously  [network-intensive]  chatty  app,  a 
blade  server  is  a  better  fit.”  This  is  because  blades  use  their  onboard  switching 
capabilities  to  provide  an  extra  layer  of  separation  that’s  not  possible  in  a  strict 
VMware  environment,  he  says. 

Of  course,  consolidated  servers  do  have  their  downsides,  users  say 
Scheduling  can  get  dicey  for  example.  Patching  the  operating  system  for  the 
primary  server  is  easier  than  patching  across  multiple  servers,  but  it  could 
mean  bringing  down  all  the  resident  applications  at  the  same  time.  “With  24- 
by-7  ATM  machines  and  a  variety  software,  anytime  we  want  to  bring  a  server 
down,  it  almost  requires  an  act  of  God,”  Bradley  says.“Nobody  can  agree  on  the 
best  time.” 

Bradley  says  this  problem  might  get  solved  when  he  moves  to  VMware  ESX 
Server  2.5,  which  became  generally  available  in  December.“It  lets  you  move  your 
VMware  sessions  off  one  box  and  onto  another  just  by  dragging  and  dropping. 
So  you  could  patch  your  [operating  system]  on  one  machine  and  drag  it  back 
without  affecting  anything,  which  is  nice,”  he  says. 


Continental’s  York  follows  a  similar  protocol, 
patching  systems  every  time  he  does  a  failover 
test  for  the  Superdome  environment,  a  task  he 
schedules  quarterly.  Patches  for  critical  holes  are 
done  as  needed. 

“Firmware  upgrades  have  been  the  biggest  has¬ 
sle.  The  complex  thing  about  a  consolidated  serv¬ 
er  or  storage  environment  with  the  firmware  is 
that  there  is  a  dependency  chain.  If  a  tape  library 
needs  a  certain  firmware,  well,  you  better  make 
sure  that  firmware  is  also  compatible  with  every¬ 
thing  else  you’re  running.  It’s  all  more  complex,” 
he  says. 

Backups  also  are  sore  spots.  The  VMware  envi¬ 
ronment  initially  caused  problems  for  J.P  Morgan 
because  every  time  the  backups  ran  on  the  vari¬ 
ous  applications  on  the  box,  it  brought  the  server 
to  its  knees,  Bradley  says.  VMware  is  aware  of  this 
problem  and  has  posted  a  series  of  fixes  and 
workarounds  (see  www.nwfusion.com, 
DocFinder:  5229),  one  of  which  is  using  back¬ 
ground  Perl  scripts  to  create  back-up  snapshots. 

“We  were  able  to  build  a  Perl  script  to  kind  of  stop 
and  start  the  server’’  Bradley  says.“Rather  than  run 
a  tape  backup  within  each  VMware  session,  we 
stop  it,  take  a  snapshot  of  that  file,  and  then  start  it 
again.  It  gives  us  a  full  backup  of  everything  on  that 
box  and  on  the  VMware  session,  and  it’s  much 
faster.  It  doesn’t  drag  on  the  CPU  and  utilization.” 


Five  ways  £0  sell 
your  server  con¬ 
solidation  project 

1.  Consolidate  storage  first  to  gain  buy  in  for 

the  concept  and  then  move  on  to  application 
servers. 

2.  Attack  lowkanglng fruit  such  as  mail  and 
print  servers  first  and  build  on  your  success. 

3.  If  you  charge  back,  show  savings  that  way. 

4.  If  you  don't  charge  back,  then  focus  on 
detailing  service-level  improvements, 
staff/asset  utilization  savings  and  business 
flexibility  (all  of  which  should  exist  at  some 
level). 

5.  Be  patient  and  don’t  consolidate  all  at  once. 
Wait  and  consolidate  when  an  upgrade  is  nec¬ 
essary  anyway,  and  even  then  do  it  bit  by  bit. 


Go  overboard 

Perhaps  the  most  important  piece  of  advice 
users  offer  is  to  choose  your  consolidation  plat¬ 
form  wisely  Make  sure  it’s  large  enough. “You 
should  always  buy  the  biggest  and  the  best  hard¬ 
ware  you  can  afford  for  this. You  really  can’t  over¬ 


provision  because  the  more  you  provision,  the 
more  you  can  do,”  Bradley  says. 

Another  tactic  is  to  get  a  pay-as-you-go  deal 
from  your  vendor.  “That’s  the  best  way”  Olaf  says. 
“In  our  consolidation  project,  with  the  first  appli¬ 
cation  of  the  SAP  system,  we  didn’t  need  all  48 
processors  of  the  machine  —  and  we  didn’t  pay 
for  it.  But  as  we  increased  the  number  of  applica¬ 
tions,  we  could  increase  the  number  of  proces¬ 
sors,  on  a  pay-as-you-go  basis.  It  was  very  flexible 
and  cost-effective.” 

Users  also  should  understand  the  road  map  for 
the  vendor  platform  on  which  they’re  consoli¬ 
dating.  Because  HP  uses  cell  board  technology, 
the  Superdome  is  plug-and-  play  when  it  comes 
to  processors,  Continental’s  York  says.  Each 
Superdome  supports  as  many  as  four  cell  board 
modules,  each  of  which  can  be  configured  with 
one  to  four  PA-8800  processors.  As  the  need  for 
processing  power  increases  over  time,  the  cell 
boards  can  be  hot-swapped  to  accommodate 
the  growth. 

“That  means  we  can  grow  this  box  for  a  long 
time,  York  says,  and  adds  that  he  expects  five  to 
seven  years  out  of  his  Superdome. 

Cummings  is  a  freelance  writer  in  North  Andover, 
Mass.  She  can  be  reached  at  jocummings@com 
cast.net. 
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E  YOU  ON  THE  CUTTING  EDGE? 


Then  enter  the  New  Data  Center  Awards 


Sponsored  by 


NetworkWorld 


A  F  C  O  M 


Network  World  and  AFCOM,  the  leading  association  for  data  center 
professionals,  have  teamed  up  to  honor  innovative  I.T.  managers  and  cutting- 
edge  data  centers  with  our  New  Data  Center  Awards.  Winners  will  be 
spotlighted  at  AFCOM’s  Data  Center  World  Conference,  which  will  be  held 
April  17-21  in  Las  Vegas,  and  in  the  pages  of  Network  World’s  May  23  New 
Data  Center  editorial  supplement. 


Nominate  your  company,  your  colleagues  or  yourself  —  even  a  customer  —  in  the  following  categories: 


data  center  manager  of  the  year 


DATA  CENTER  OF  THE  YEAR 


SECURE  DATA  CENTER  AWARD 


This  award  recognizes  the  I.T.  manager  who  has  blended  vision  and 
practicality  in  designing,  building  and/or  consolidating  data  centers  to 
meet  business  goals.  The  award  honors  the  data  center  manager  who 
creatively  deploys  people,  money  and  technology  to  build  and  run  a 
world-class  data  center  that  makes  his  or  her  company  successful.  You 
should  enter  if  your  strategic  planning  and  prudent  use  of  resources 
in  the  data  center  has  made  a  real  difference  for  your  organization. 


This  award  showcases  the  company's  whose  data  center  serves  as  a 
shining  example  of  the  innovative  marriage  of  new  and  existing  technologies 
and  the  adoption  of  the  best  practices  for  data  center  design  and 
operation.  The  winning  data  center,  and  team  that  runs  it,  will  be  an 
inspiration  to  other  companies  seeking  to  build  new  data  centers  or 
redesign  their  I.T.  operations.  You  should  enter  if  you  believe  your 
company  and  your  team  have  built  a  cutting-edge  data  center  that 
deserves  to  be  in  the  limelight. 


This  award  honors  the  company  whose  data  center  operations  are  built 
rock-solid  secure.  This  award  recognizes  the  company  that  has  built 
the  most  secure  data  center  using  new  and  existing  technologies  and 
the  best  practices  for  ensuring  security  in-depth.  You  should  enter  this 
award  if  your  company  has  made  a  significant  contribution  in  secure 
data  center  design  and  deployment,  and  if  you  have  real-world  examples 
of  how  your  data  center  withstood  an  attack  or  kept  running  in  the 
face  of  disaster. 


and  fill 


minati 


To  enter,  go  to  www.nwfiision.Gom/NDGawards  and  fill  out  a  nomination  form.  All  entries  must  be  submitted  by  Friday,  March  18.  Good 
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mu  COBIT,  CMM  ,  ISO  1  7799 
—  best  practices  abound  for 
managing  the  new  data  center. 
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new  data  center  architecture,  more  companies 


ied  in  formal  ll  frameworks.  At  stake  are 
service  quality,  security,  regulatory  compli¬ 


ance 


The  IT  Infrastructure  Library  ((TIL),  Control  Ob¬ 
jectives  for  Information  and  Related  Technology 
(COBIT),  Capability  Maturity  Model  Integration 
fCMMI)  and  ISO  17799  are  playing  the  biggest  roles 
m  the  creation  of  the  new  data  center.  “These  frame¬ 
works  were  written  by  different'  groups  at  different 
times  for  different  reasons  ,  .  ,  but  each  has  contri¬ 
butions  to  make  to  the  new  [virtualized]  data  cen¬ 
ter  savs  David  Pultorak,  president  of  Fox  IF  a  con¬ 
sulting  firm  specializing  in  IT  service  management. 

Pultorak  uses  ITIL  for  service  management  as  an 
example  of  how  an  FI  fiaim  work  can  serve  as  a 
steppingstone  to  the  new,  more  agile  data  center 
“The.  ITIL  framework  supports  defining  services  in  a 
way  that  is  distinct  from  the  technology  that  under¬ 
pins  them,  allowing  flexibility  in  what  technology 
components  are  used  to  support  and  deliver  the 
service,”  he  say; 

While  some  duplication  occurs  among  the  hann 
works,  they  are  more  complementary  than  overlap* 
ping  and  companies  often  employ  more  than  one. 


ensure  claims  processing  data  is  always  available. 

( Irganizing  around  services  “sets  the  stage  for  the 
linkages  between  business  and  IT  to  Ik-  automated, 
Pultorak  says.  "With  this  stage  set,  and  with  the 
right  infrastructure  and  management  technologies, 
previously  unimaginable  levels  of  data  center  agility 
will  (  able  greater  business  agility." 

At  Lockheed  Martin  Enterprise  Information  Ser¬ 
vices  (EIS),  ITIL  is  helping  IT  react  more  effectively 
when  dealing  directly  with  internal  customers,  says 
Kim  Sawyer,  vice  president  of  computing  and  net¬ 
work  services  at  the  Bethesda,  Md.,  company.  While 
still  In  the  early  phase  of  adopting  ITIL.  Lockheed 
Martin  EIS  supports  the  Lockheed  Martin  Enterprise 
Service  Desk,  incident  management  and  problem 
management  functions  via  ITIL,  she  says.  Change 
management:,  configuration  management  and  re¬ 
lease  management  are  on  the  ITIL  service,  manage¬ 
ment  dockc  she  adds. 

ITIL  best  practices  In  service-level  management, 
capacity  management  and  availability  manage¬ 
ment  are  key  for  service-delivery  functions.  Sawyer 
says.  having  a  common  language  and  under¬ 
standing  of  the  processes,  we  will  be  able-  to  deliver  a 
robust  and  reliable  infrastructure  foi  0111  i  ustomeisto 
perform  their  >bs." 

At  f  loinestore.a  provider  of  online  leal  estate*  sei\  ices 
ITIL  is  providing  better  measures  of  FI  sen  k  e  lew  Is  foi 
capacity  planning,  business  continuity  and  networking 
following  multiple  corporate  acquisitions,  sms  f%! 
DawleyOO  at  the  Westlake  Village  ,(  alii  .<  ompam.'lhe 
company  uses  a  variety  of  software  tools,  including 
Cendura’s  Cohesion,  to  achieve  ITIL  compliance! 

The  framework  also  will  help  Momostore  adopt  on- 
demand  cc  imputing  and  other  elements  of  the 
new  data  center.  I  law  ley  says. "I I  you're 
managing  a  more  complex,  decen¬ 
tralized  environment,  then  you’d 


Ma  aged  data  c<  r  ;ers 
and  flexible  capacity  can 
not  be  achieved  without 
sta  idardi;  a  ;ic  . 


Popular  in  Europe  for  years,  ITIL  is  gaining  atten¬ 
tion  at  U.S.  organizations.  The  framework  originates 
with  the  Central  Computer  and  Telecommunications 
Agency  (now  the  Office  of  Government  Commerce) 
in  the  L.K..  which  developed  his  set  of  best  prac¬ 
tices  standards  for  IT  service  management  in  the  late 
1 980s.  The  IT  Service  Management  forum,  a  global 
Organization  consisting  of  more  than  12,000  corpo¬ 
rate  and  government  members,  is  responsible  for 
advancing  IT  best  practices  through  the  use  of  ITIL. 

( )rganiz.ed  into  a  set  of  “books,”  ITIL  offers  a  cus¬ 
tomizable  framework  of  practices  to  provide  high- 
quality  service  to  internal  users.  ITIL  covers  func¬ 
tions  such  as  service  support,  softWa  e  support, 
computer  operations  and  security  management. 

“ITIL  is  applicable  to  the  data  center  because  com¬ 
panies  can  use  it  to  make  sure  they’re  doing  the 
right  things  in  terms  of  processes,”  Pultorak  says. 

For  example,  an  insurance  firm  with  a  service-ori¬ 
ented  data  center  could  use  ITIL  procedures  to 


—  KIM  SAWYER,  vice  president  of  computing  and 
network  services,  speaking  of  Lockheed  Martin 
EIS'  use  of  ITIL  and  other  IT  frameworks. 


It's  hard  to  get  the  boss  excited  about  new  servers. 
So  we'll  talk  about  saving  money  instead. 


Economical  HP  BladeSystem  solutions  feature  the  high-performance  Intel®  Xeon™  Processor.  And  they  let  you  do  more  with  less.  By 
sharing  and  pooling  servers,  storage  and  network  resources,  you  can  virtualize  and  automate  more  processes.  And  HP  BladeSystem 
solutions  not  only  offer  lower  total  acquisition  costs,  they  also  allow  the  same  number  of  people  to  manage  more  IT— offering  you  a 
better  return.  Normally,  upgrading  to  more  sophisticated  technology  comes  with  a  hefty  price  tag.  Instead,  you'll  get  more  expertise 
before  you  buy,  more  technology  when  you  buy  and  more  support  after.  None  of  which  will  cost  more. 


HP  ProLiant  BL30p  Blade  Server 


THE  SOLUTION 

THE  BENEFITS1 2 

9  2  Intel®  Xeon™  Processors  DP  up  to  3.20GHz/2MB’ 

0  High  density:  Up  to  96  servers  per  rack 
•  Flexible/Open:  Integrates  with  existing  infrastructure 

8  HP  Systems  Insight  Manager™:  Web*based 
networked  managment  through  a  single  console 

9  Rapid  Deployment  Pack:  For  ease  of  deployment 
and  ongoing  provisioning  and  reprovisioning 

9  23%  savings  on  acquisition  cost 
*  Up  to  19%  less  power  consumption 

9  Up  to  93%  fewer  cables 

9  43%  less  space  needed  for  same  processing  power 

9  Hot-swappable  server  design 

9  Single  interface  for  local  and  remote  management 
of  servers,  storage,  software  and  networking 

SAVE  $500  INSTANTLY 

with  the  purchase  of  any  HP  BladeSystem  enclosure.3 


Enhance  your  system. 


HP  StorageWorks 
MSA1500cs 

-  Up  to  24TB  of  capacity  (96  250GB  SATA  drives) 

-  Up  to  16TB  of  capacity  (56  300GB  SCSI  drives) 

-  Ability  to  mix  SCSI  and  Serial  ATA 
enclosures  for  greater  flexibility 

-  2GB/ 1GB  Fibre  connections  to  host 

GET  UP  TO  2TB 
OF  STORAGE  FREE4 
(Save  up  to  $3,192) 


invent 


Contact  HP  today  for  a  free  IDC  white  paper:  Adapting 
to  Change:  Blade  Systems  Move  into  the  Mainstream 


CLICK 

www.hp.com/go/Bladesmag22 

CALL 

1-866-356-6088 

visit  your  local  reseller 


1 .  Intel's  numbering  is  not  a  measurement  of  higher  performance.  2.  Based  on  internal  HP  testing;  compared  to  similarly  configured  HP1 U,  2P  server.  For  configurator,  please  visit:  http://h30099.www3.hp.com/configurator/catalog-issipc.asp.  3.  Offer  valid  through  4/30/05. 4.  Receive  up  to  2TB  ol  storag  :  «  . 

of  select  HP  StorageWorks  MSA1500  devices.  Offer  ends  on  3/31/05.  See  Web  site  for  full  details.  Intel,  Intel  logo.  Intel  Inside.  Intel  Inside  Logo.  Intel  Centrino,  Intel  Centrino  Logo.  Celeron.  Intel  Xeon.  Intel  SpeedStep.  Itanium  and  Pentium  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subs .. 

the  United  States  and  other  countries.  ©2004  Hewlett-Packard  Development  Company,  L.P. 
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Ethernet  Terminals  from 
ComputerWise  connected  to 
your  in-house  LAN. 

Capture  production  data 
directly  into  files  on  your 
server. 


Features  £  Benefits 

•  Interactive  Telnet  Client 

•  TCP/IP  over  10/IOOBaseT  Ethernet 

•  Built-in  Barcode  Badge  Reader 

•  Optional  Mag-Stripe  &  RFID  Badge  Reader 

•  Auxiliary  RS-232  Serial  port 

•  Customizable  Data  Collection 
Program  Included 

•  Larger  keyboard  and 
display  sizes  available 


COMI’UTJIWISE. 

Call  1-800-25S-3739  or  visit  www.eomputerwlse.eom 


The 


New  Data  Center:  A  STATUS  REPORT  www.nwfusion.com/ndcaOOB/statusreport  February  21 ,  5005 


Framework 

continued  from  page  S18 


age  those.  ITIL  gives  us  a  way  to  understand  [all  IT 
processes]. The  new  data  center  will  not  operate  effec¬ 
tively  until  we’ve  been  able  to  measure  and  monitor  all 
those  systems.” 


GOBIT 

Developed  in  1996  by  the  Information  Systems  Audit 
and  Control  Association  and  IT  Governance  Institute 
as  a  standard  for  IT  security  and  control  practices, 
COBIT  provides  a  reference  framework  for  IT,  security 
auditing  managers  and  users.  Now  in  its  third  edition, 
COBIT  is  growing  in  acceptance  as  a  good  practice  for 
control  over  data,  systems  and  related  risks.  It  helps 
companies  deploy  effective  governance  over  systems 
and  networks. 

COBIT’s  Management  Guidelines  component  consists 
of  tools  to  measure  a  company’s  capabilities  in  34  IT 
processes.  These  include  performance  measurement 
elements,  a  list  of  critical  success  factors  that  provides 
best  practices  for  each  IT  process,  and  maturity  models 
to  help  in  benchmarking. 

“COBIT’s  real  focus  is  on  whether  or  not  you  have  con¬ 
trols  in  place  that  ensure  you  are  compliant  with  rele¬ 
vant  regulatory  authorities,”  Fox  IT’s  Pultorak  says.  “It 
helps  organizations  determine  if  they  are  doing  what 
they  said  they  would  and  if  they  are  able  to  show  evi¬ 
dence  of  this.”  For  example,  if  a  corporation  said  it 
would  secure  entry  to  its  data  center  using  a  logon 
process,  it  can  show  completed  logs  for  a  given  period 
based  on  COBIT. 

The  standard  is  becoming  important  as  organizations 


work  to  be  compliant  with  the  Sarbanes-Oxley  Act  and 
other  regulations.  It’s  also  important  to  the  data  center 
because  it  offers  a  way  to  implement  controls  in 
processes. 

“COBIT  has  proven  to  be  an  excellent  tool  for  mea¬ 
suring  and  assessing  our  IT  controls,”  says  Sawyer  of 
Lockheed  Martin,  which  also  uses  CMMi  and  ISO  17799 
to  improve  its  processes  and  IT  service  levels.“Our  inter¬ 
nal  audit  group  has  effectively  used  it  to 
evaluate  the  management  of  our  infra¬ 
structure  and  to  identify  areas  for  im¬ 
provement  or  risk.” 

Homestore  uses  COBIT  as  part  of  its 
Sarbanes-Oxley  compliance  efforts,  Dawley 
says.  “It  fits  nicely  with  ITIL.  COBIT  allows  us  to  check 
our  ITIL  implementation  to  make  sure  we’re  addressing 
the  appropriate  risks  across  the  organization,”  he  says. 


IT  frameworks 


IS0 17799 

ISO  17799,  developed 
by  the  International 
Organization  for 

Standardization  in  2000, 
is  a  detailed  security 
standard  organized  into 
major  areas:  business 
continuity  planning,  sys¬ 
tem  access  control,  sys¬ 
tem  development  and 
maintenance,  physical 
and  environmental  secu¬ 
rity,  compliance,  person¬ 
nel  security  security  orga¬ 
nization,  computer  and 
operations  management, 


at;  a  glance 


IT  Infrastructure  Library  (ITIL):  Provides  best 
practices  standards  for  IT  service  management. 

Control  Objectives  for  information  and  Related 
Technology  (COBIT):  Delivers  a  reference  frame¬ 
work  for  control  over  data,  IT  systems  and 
related  risks. 


Capability  Maturity  Model  Integration  (CMMi):  Guides 
process  improvements  in  software  development, 
systems  engineering,  R&D  and  other  initiatives. 

ISO  17799:  Security  standard  for  business  conti¬ 
nuity,  access  control,  compliance  and  more. 


CMMi 

Published  by  the  Software  Engineering  Institute  at 
Carnegie  Mellon  University  in  1991,  CMMi  has  evolved 
into  a  framework  to  help  guide  process  improvements 
in  software  development,  systems  engineering  and 
R&D. 

The  framework  is  used  to  improve  the  quality  of  prod¬ 
ucts  and  services,  increase  development  efficiency  and 
reduce  the  risks  associated  with  development  projects. 
It  has  five  levels  of  organizational  “maturity’  with  each 
level  representing  a  set  of  best  practices  that  organiza¬ 
tions  must  implement  to  make  improvements. 

CMMi  can  be  helpful  for  new  data  center  efforts 
when  it  is  used  to  measure  the  relative  maturity  of  IT 
processes.  For  example,  before  the  IT  department  at  a 
retailer  began  operational  process  improvements,  it 

called  on  Fox  IT  to  assess 
maturity,  Pultorak  says. 


asset  classification  and  control  and  security  policy. 

In  fact,  ITIL’s  security  management  guidelines  are 
based  on  the  ISO  17799  standard. 

The  standard  establishes  best  practices  to  ensure 
that  business  operations  will  keep  running  if  a  systems 
outage  or  other  interruption  occurs;  to  control  access 
to  data,  systems  and  networks;  to  protect  the  confi¬ 
dentiality  cind  integrity  of  information;  to  prevent 
unauthorized  access  to  business  facilities;  and  to  com¬ 
ply  with  regulations. 


The  problem  manage¬ 
ment  process  was  imma¬ 
ture  while  the  incident 
management  process 
was  mature,  he  says. “This 
was  an  important  first 
step  ...  so  it  had  the  basis 
for  making  improve¬ 
ments  in  the  right  places 
and  in  the  right  measure,” 
he  says. 

At  Lockheed  Martin, the 
CMMi  Level  5  certifica¬ 
tion  achieved  last  year 
has  helped  the  company 
deliver  more  complete, 
reliable  software  to  inter¬ 
nal  users,  Sawyer  says. 


Beware  of  framework  overload 

All  the  IT  frameworks  are  generally  accepted  as  best 
practices,  experts  say  Adopting  them  for  data  center 
automation  lets  companies  align  processes  internally 
and  with  business  partners. 

“If  you  cook  up  your  own  thing,  it  becomes 
harder  to  integrate  with  others  and  harder  to  defend 
yourself  under  scrutiny  of  an  audit,”  Pultorak  says. 

Still,  firms  need  to  be  aware  of  framework  overload. 

“Companies  need  to  have  a  focus,  set  goals  for  im¬ 
plementing  frameworks  and  devote  adequate  project 
management  resources,”  Pultorak  says.  “If  you  overdo 
these  frameworks  and  misapply  them  or  are  not  sure 
what  the  implementation  is,  the  result  can  be  less  than 
satisfactory’ 

It  also  can  be  expensive.  Depending  on  the  scope, 
each  implementation  can  cost  global  companies  hun¬ 
dreds  of  thousands  of  dollars.  Costs  can  be  hard  to  pin 
down  because  they  include  expenses  such  as  training, 
consulting  and  software  products  that  support  the 
frameworks. 

Measuring  ROI  of  deployments  also  can  be  difficult. 
“Since  the  focus  is  on  process  improvements  —  not  just 
technology  assets  —  IT  managers  generally  don’t 
understand  how  to  do  an  ROI  assessment,”  says  Ruben 
Melendez,  president  of  Glomark  Group,  a  consulting 
firm  specializing  in  technology  ROI.  “Very  few  compa¬ 
nies  have  done  an  ROI  assessment  of  their  ITIL  [or 
other  framework]  implementations.”  Most  of  the  eco¬ 
nomic  benefits  come  from  higher  business  processes 
uptime,  he  says. 

Are  frameworks  essential?  Lockheed  Martin’s  Sawyer 
thinks  so.  “[Common  languages  and  disciplined 
processes]  are  the  groundwork  for  re-architecting  the 
data  center  for  the  future,”  she  says.  “By  speaking  the 
same  language,  we  are  able  to  move  more  quickly 
through  discussions,  thereby  reaching  decisions  in 
shorter  cycles.  Moving  toward  managed  data  centers 
and  flexible  capacity  cannot  be  achieved  without  stan¬ 
dardization." 


Violino  is  a  freelance  technology  writer.  He  can  be 
reached  at  buiolino@optonline.net. 
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There  May  Be  a  Hole 
in  Your  Data  Center's  Security. 


Raritan's  Dominion®  KX.  Safe,  Secure  and  Available  IT  Services 


Holes  in  Swiss  cheese  mean  the  cheese  is  ripe.  Holes  in  security  mean  you're  the  one  who's  ripe  -  for  problems.  Unlike  some 
other  KVM  providers,  Raritan  always  encrypts  all  KVM  traffic  -  keyboard,  mouse,  AND  video,  providing  the  most  secure 
solution  on  the  market.  And  the  Dominion  Series  helps  reduce  complexity  and  downtime,  while  increasing  productivity. 
Which  means  your  incident  response  and  problem  resolution  times  get  better.  Instead  of  smelling  like  bleu  cheese. 

For  your  copy  of  a  free  White  Paper: 

"Understanding  the  Security  Implications  of  Deploying  KVM  Over  IP" 

Call  1-800-724-8090  x1428  or  visit  us  at  Raritan.com/1428 
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When  you're  ready  to  take  control.™'-^ 


Command 

Center 


Dominion 

Series 
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The  KX  Digital  KVM  Switch 
is  a  core  building  block  of 
Raritan's  Complete  Data  Center 
Management  Solution. 


©  2005  Raritan  Computer,  Inc.  Raritan,  Paragon,  IP-Reach,  Dominion  and 
CommandCenter  are  trademarks  or  registered  trademarks  of  Raritan  Computer,  Inc. 


The  New  Data  Center:  A  STATUS  REPORT  www.nwfusion.com/ndcE005/Btatusreport  February  21,  S005 


THE  LAST  PIECE 


When 


rule 


the 


_  _  _  world 

Author  Geoffrey  Moore  explains  how  SGAs 
will  become  the  underlying  force  of  the  new 
data  center. 


■  BY  JULIE  BORT 

Geoffrey  Moore ,  known 
for  his  IT  marketing 
book,  Crossing  the  Chasm, 
is  widely  regarded  as  an 
industry  visionary.  Lately,  he  has  become 
one  of  a  handful  of  clear  voices  that  help 
corporations  and  vendors  redefine  their  IT 
infrastructure  goals  based  on  new  data 
center  technologies.  Because  the  global 
extended  enterprise  —  the  “ inter-enter- 
prise ” —  will  be  the  business  model  of  the  future,  network 
executives  should  be  crafting  long-term  architecture  plans  to 
ready  themselves  for  it,  Moore  says,  who  is  managing 
director  of  consulting  firm  TCG  Advisors,  founder  of  the 
Chasm  Group  and  a  venture  partner  at  Mohr  Davidow 
Ventures.  He  recently  discussed  the  new  data  center  with  Signature  Series 
Executive  Editor  Julie  Bort. 


of  innovations  out  of  the  existing  components  of  the  world.This  is  very  produc¬ 
tive.  If  you’re  stuck  in  a  client/server  system  you  can’t  participate  in  that. 

For  example,  the  traditional  approach  for  manufacturers  is  to  design,  source, 
build  and  sell.  But  in  an  SOA  world,  a  company  might  start  with  sourcing:  find 
out  which  are  the  lowest-cost  parts  it  can  source,  figure  out  what  it  can  design 
with  those  parts, sell  the  design  ideas  and  only  build  what  customers  will  buy 

How  does  a  SOA  affect  the  rest  of  the  stack? 

If  you  implemented  just  in  software,  you  would  bring  the  entire  world  to  its 
knees.  Multiple  revolutions  of  semiconductor  chip  redesigns  will  be  required  to 
handle  service-oriented  processes.The  classic  microprocessor  architecture  that 
Intel  dominated  is  going  to  become  much  less  relevant.  More  relevant  will  be  a 
network  processing  style  of  architecture.  Everything  is  going  to  become  a  router. 
Router  chip  ASICs  are  going  to  become  more  central  to  the  design/architecture 
of  systems  than  the  compute  cycles  of  a  microprocessor.This  means  that  a  com¬ 
pany  like  Cisco  is  going  to  run  head-on  to  a  company  like  Sun  because  both  are 
going  to  want  to  build  the  machines  that  handle  all  this. 


■  Advisors  envisions  a  new  computing  model  for  when  the  inter-enterprise  becomes  the 
basis  of  ail  IT  infrastructure  (see  graphic  below).  Where  can  we  expect  the  most  change? 

All  the  action  is  going  to  be  in  the  middle  [layer]  in  preparation  for  a  signifi¬ 
cant  change  at  the  top  in  about  five  years.  We  are  all  [preparing]  for  a  new  busi¬ 
ness  model:  the  inter-enterprise  network  value  chain.  For  the  inter-enterprise  net¬ 
work  value  chain,  traditional  business  applications  need  to  be  re-architected  so 
they  can  cross  company  boundaries.  When  people  look  at  this  re-architecting, 
they  see  two  huge  barriers:  the  middleware,  because  our  software  doesn’t  work 
this  way  and  the  business  process  layer,  because  people  don’t  have  a  lot  of  expe¬ 
rience  [with  it], There  will  be  a  fair  amount  of  trial  and  error  before  we  figure 
this  out.  Even  thought  leaders  are  struggling. 


What  should  network  executives  be  doing  now  to  ensure  they  are  building  a  viable  archi¬ 
tecture  for  the  new  data  center? 

It  behooves  them  to  have  a  business  architecture  that  would  imply  a  software 
and  a  hardware  architecture  underneath  it.  And  it’s  a  10-year  [plan]  —  this  isn’t 
going  to  be  a  short-term  thing.  ■ 

Moore’s  next-generation 
stack 

When  the  extended  enterprise  becomes  the  basis  for  ail  IT 
infrastructure,  this  conceptual  model  will  emerge. 


Tell  me  about  the  middleware  barrier  -  that  our  software  doesn't  work  this  way  -  isn't 
that  the  reason  for  service-oriented  architectures  (SOA)? 

Absolutely  [Enterprise]  software  is  set  up  to  work  on  a  client/server  structure 
in  a  single  corporation  dividing  the  presentation  layer  from  the  compute  and 
data  layers.  The  goal  has  been  managing  information.  We’re  shifting  from  man¬ 
aging  information  to  managing  processes.  Information  is  an  important  attribute 
in  process  management,  but  it’s  not  the  goal.  So  trying  to  turn  data  into  infor¬ 
mation  is  the  wrong  way  to  look  at  the  problem.  What  we  are  trying  now  is  to 
manage  processes  across  multiple  states,  where  any  portion  of  the  process  can 
be  in  multiple  states.  So  you  have  to  keep  state  —  which  is  a  computing  idea  — 
and  you  have  to  coordinate  actions  among  self-managing  logic.  That’s  the  ser¬ 
vice-oriented  architecture  paradigm. 

The  concept  behind  SOA  isn't  new.  What  has  changed  to  make  it  more  valid  this  time? 

Globally  the  low-cost  economy  of  Asia  is  now  coming  online  and  Asian  ven¬ 
dors  are  a  resource  to  the  highly  developed  economies  for  cost  reduction.  So, 
on  the  one  hand, you  want  to  reach  out  to  this  system  to  lower  your  own  [costs] . 
But  the  very  same  vendors  are  going  straight  to  your  customers  and  so  they  are 
commoditizing  industries  that  for  a  long  time  had  high  margins.These  include 
the  PC  industry  —  witness  IBM  exiting  to  Lenovo  —  consumer  electronics, 
appliances,  furniture  and  apparel. Those  industries  now  have  to  reinvent  them¬ 
selves.  This  architecture  is  going  to  be  necessary  to  recombine  the  world  into 
something  newly  valuable  that  hasn’t  been  done  yet.  What  service-oriented 
architectures  let  you  do  is  recombine  —  they  are  like  Legos  —  to  make  all  kinds 
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More  online! 

Along  with  Network  World  Editorial  Director  John  Gallant,  Moore 
leads  IDG  Events'  annual  Vortex  conference,  a  summit  on  the 
future  of  IT.  Go  to  www.nwfusion.com  for: 

•  Moore’s  "Orchestrating  the  Stack"  keynote  presentation  from 
Vortex  2004.  DoeFinder:  5922 

*  Advance  info  on  Vortex  2005.  DoeFinder:  5921 


CONSTANT. 

CONTROL. 


WITH  THE  DS  SERIES,  YOU  ARE  ALWAYS  IN  CONTROL. 

Local  data  centers.  Remote  offices.  Branch  locations.  They  are  all  within  your  reach.  The  company  who 
invented  KVM  over  IP  just  made  it  better. 

No  more  trips  back  to  the  office.  With  the  all  new  DSView^3  software,  you  can  control  servers 
and  serial  devices  from  a  single  browser  interface  -  you  can  even  power  cycle  or  watch  the  servers 
reboot.  Since  we  load  balance  user  authentication  for  multiple  sites,  you  get  faster  performance  and 
quick  access. 

You  know,  you  might  even  be  able  to  take  lunch.  For  a  virtual  tour  of  secure,  smarter  switching  from 
Avocent,  go  online  to  www.avocent.com/control  or  call  1-866-286-2368. 

Avocent,  the  Avocent  logo,  OSView  and  The  Power  of  Being  There  are  registered  trademarks  of  Avocent  Corporation.  Copyright  ©  2005  Avocent  Corporation. 


Avocent. 

The  Power  of  Being  There* 


64-bit  Intel® Xeorf  processors.  In  business,  you’ll  find  more 
servers  powered  by  the  Intel  Xeon  platform  than  any  other. 
For  some  very  powerful  reasons:  Today’s  Intel  Xeon 
platform  is  engineered  for  power  savings,  high  flexibility  and 
high  performance.  Now  supporting  both  32-  and  64-bit  applications, 
the  Intel  Xeon  processor  can  do  amazing  things  for  your  business,  too. 

Get  the  powerful  details  at  intel.com/go/xeon. 


Support  for  Improved  Flexible  memory, 

32-  and  64-bit  power-saving  I/O  and  storage 

applications  options  configurations 


©2005  Intel  Corporation.  Intel.  Intel  Inside,  the  Intel  Inside  logo,  and  Intel  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  All  rights  reserved. 


UPSD  saves  cell  phone  power 


Uplink  Poll-Based  Power  Save  Delivery 

The  Seamless  Converged  Communication  Across 
Networks  Forum’s  UPSD  specification  modifies  the 
power-save  mode  of  802.11  to  let  a  mobile  device  control 
when  it  wakes  up  and  when  it  goes  to  sleep. 


HOW  IT  WORKS 


Packets  destined  for  the 
handset,  which  is  in  sleep 
mode,  come  in  and  are 
buffered  at  the  access 
point. 


The  handset  comes  out  of 
sleep  mode  and  transitions 
into  transmit  mode  by  sending 
a  packet  to  the  access  point. 


The  access  point  then 
sends  buffered  packets 
to  the  handset. 


The  handset 
resumes  sleep 
mode. 


■  BY  LYNN  LUCAS 

The  popularity  of  VoIP  and  the  conver¬ 
gence  of  Wi-Fi  and  cellular  environments 
have  driven  the  development  of  specifica¬ 
tions  that  improved  voice  quality  on  dual¬ 
mode  Wi-Fi/cellular  handsets.  While  the 
original  802.11  protocol  was  designed 
with  an  optional  power-save  mode  to  min¬ 
imize  battery  usage  in  portable  devices, 
this  was  not  enough  to  handle  the  QoS 
required  for  Wi-Fi/cellular  handsets. 

The  Seamless  Converged  Communica¬ 
tion  Across  Networks  (SCCAN)  Forum,  an 
organization  of  vendors,  has  recognized 
the  need  to  enhance  that  power-save 
mechanism  with  a  new  specification, 
Uplink  Poll-Based  Power  Save  Delivery 
(UPSD). 

A  wake-up  call 

The  current  802.11  power-save  mode 
keeps  client  devices  in  receive  mode 
unless  they  are  transmitting.  While  trans¬ 
mit  mode  causes  the  highest  power  drain, 
receive  also  is  a  high  power-drain  state, 
because  it  keeps  the  receive  radio  circuits 
powered.  With  power-save  mode  on,  a 
client  indicates  to  an  access  point  that  it 
desires  to  go  into  sleep  mode  and  the 


Got  great  ideas 


■  Network  World  is  looking  for  great 
ideas  for  future  Tech  Updates.  If  you 
want  to  contribute  a  primer  on  a  spe¬ 
cific  technology,  standard  or  protocol, 
contact  Amy  Schurr,  senior  managing 
editor,  features  (aschurr@nww.com). 


access  point  will  buffer  packets  for  it. 

Sleep  mode  powers  only  a  timing  circuit 
in  the  radio  and  thus  consumes  much  less 
power.  In  sleep  mode,  a  client  wakes  up  at 
regular  intervals  based  on  the  beacon 
period  of  an  access  point  to  see  if  it  has 
packets  buffered  for  it.  If  the  access  point 
has  packets  for  the  client,  it  will  stay  in 
receive  mode.  If  not,  it  returns  to  sleep 
mode.  Clearly,  this  is  a  better  method  than 
the  mobile  device  being  in  receive  mode 
all  the  time  and  waiting  for  packets. 

However,  the  power-save  mode  still 
leaves  access  points  in  control  of  when 
and  how  often  mobile  devices  should 
awaken.  For  cell  phones  and  other  small 
devices  with  limited  battery  space,  this 
method  doesn’t  provide  the  savings  they 
need  to  maintain  talk  and  standby  times 


consistent  with  what  we’ve  come  to 
expect  from  cell  phones. 

With  UPSD,  the  SCCAN  Forum  has  modi¬ 
fied  the  power-save  mode  to  give  mobile 
device  clients  control  over  when  they 
awaken  and  sleep.  In  this  mode,  a  client 
polls  an  access  point  at  intervals  it  deter¬ 
mines.  If  the  access  point  has  packets 
buffered  for  the  client,  it  will  send  them; 
otherwise,  the  client  will  go  back  into 
sleep  mode.  The  access  point  also  will 
send  packets  downstream  to  the  client 
any  time  it  receives  a  packet  from  the 
client. 

A  key  aspect  of  UPSD  is  mobile 
devices’  voice  awareness.  Handsets  are 
aware  of  the  timing  they  need  between 
deliveries  of  voice  packets.  Software  with¬ 
in  a  cell  phone  processes  the  voice  con¬ 


versation,  turning  it  into  bits  of  informa¬ 
tion.  For  example,  20  millisec  of  voice 
communication  could  be  transformed 
into  a  number  of  bits  that  could  be  sent 
over  a  high-speed  link  in  significantly 
less  time  than  that  original  20  millisec.  At 
the  other  end,  a  voice  decoder  could 
play  back  the  bits  so  they  sounded  like 
one  continuous  voice  stream,  with  no 
interruption.  The  rest  of  the  circuitry  in 
the  cell  phone  would  go  into  sleep  mode 
during  the  voice  call, which  maximizes 
battery  savings. 

With  UPSD,  the  SCCAN  Forum  has  built 
upon  standards,  such  as  IEEE  802.11, 
Session  Initiation  Protocol  and  GSM.  The 
individual  companies  within  SCCAN  also 
submitted  these  enhancements  as  pro¬ 
posals  to  standards  organizations.  In  this 
case,  the  SCCAN  Forum’s  UPSD  has 
helped  to  create  and  define  the  Unsched¬ 
uled  Automatic  Power  Save  Delivery  spec¬ 
ification  included  in  the  draft  IEEE 
802.1  le  standard,  which  is  due  for  ratifica¬ 
tion  this  year. 

Moving  forward 

The  next  step  is  a  migration  to  this  rati¬ 
fied  standard,  vendor  support  for  deliver¬ 
ing  conforming  access  points  and  hand¬ 
sets,  and  eventually  certification  through 
an  organization  such  as  the  Wi-Fi  Alliance. 
Through  the  SCCAN  Forum’s  efforts  to 
drive  these  technology  advances  toward 
standards,  users  could  soon  experience 
excellent  voice-over-Wi-Fi  performance 
and  seamless  mobility  between  Wi-Fi  and 
cellular  networks. 

Lucas  is  vice  president  of  product  mar¬ 
keting  for  Proxim.  She  can  be  reached  at 
llucas@proxim.  com. 


Dr.  Internet 


By  Steve  Blass 


Is  it  possible  to  set  up  a  home  wireless  network 
without  buying  a  wireless  router?  I  want  to  lever¬ 
age  a  wireless  access  point  I  don't  mind  a  static 
setup  on  the  home  PC  but  I  don't  know  how  to 
work  around  the  network  address  translation 
issues  without  using  a  real  router.  I  have  two 
Windows  XP  laptops,  one  with  Ethernet  and  wire¬ 
less,  the  other  with  Wi-Fi  only.  My  third  computer 
is  a  Macintosh.  The  wireless  access  point  has  one 
Ethernet  port,  and  I  have  an  Ethernet  hub. 


You  might  be  able  to  use  the  XP  laptop  with  Ether¬ 
net  and  wireless  as  the  router,  using  Windows  In¬ 
ternet  Connection  Sharing,  to  provide  a  network 
bridge  between  a  wireless  LAN  and  the  broadband 
connection  plugged  into  the  Ethernet  port.  Micro¬ 
soft  documentation  on  this  is  available  at  www.nw 
fusion.com,  DocFinder:  5929,  and  there  is  another 
good  tutorial  at  DocFinder:  5920.  Data  on  using 
ICS  with  the  Macintosh  is  available  at  DocFinder: 
5930.  Enabling  ICS  on  the  Ethernet  interface  of  the 


XP  laptop  will  perform  the  role  of  a  DHCP  server 
for  your  wireless  LAN,  plus  the  router  functions. 
Make  sure  your  wireless  access  point  is  not  config¬ 
ured  to  be  a  DHCP  server.  Follow  the  steps  in  the 
documentation  to  enable  the  network  bridge,  and 
power  up  the  second  laptop  to  test  the  connection. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr  internet® 
changeatwork.  com. 
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Technology  Update 


Dinner  a  la  Chez  Gearhead 


GEARHEAD 
INSIDE  THE 
NETWORK 
MACHINE 

Mark 

Gibbs 


Welcome  to  Chez  Gearhead,  your 
table  is  ready  Please,  walk  this  way. 
. .  .Ah, sir  and  madam, you  say  you 
could  not  walk  that  way  without  the  tal¬ 
cum  powder?  Most  droll,  if  we  might  ven¬ 
ture  an  opinion.  Anyway,  today  we  have  a 
wonderful  menu  for  you. . . . 

First,  an  amuse-bouche  to  titillate  the 
palate:  After  our  discussion  the  week 
before  last,  wherein  reader  Don  Jane¬ 
way  raised  the  question  of  how  to  boot 
a  Live  CD  on  a  machine  that  doesn’t 
support  CD  booting,  reader  Chris  Lucht 
might  have  a  solution:  “1  found  an  even 
easier  way  on  the  Debian  3.0r3  CD  #1. 
It’s  a  floppy  image  for  the  Smart  Boot 
Manager  boot  disk,  which  boots  up  to  a 
menu  that  asks  where  you  want  to  boot 
from,  such  as  a  hard  disk,  floppy  or  CD- 
ROM  (see  www.nwfusion.com,  Doc- 
Finder:  5931,  for  details).  This  is  easier 
than  making  Linux  boot  floppies  since 
you  only  need  one  disk,  and  it  will  work 
for  all  of  your  CDs.” 


We  haven’t  had  a  chance  to  try  this  out 
yet  but  it  looks  good.  It  also  looks  like  one 
of  those  things  you  really  need  to  have  in 
your  tool  kit. 

Which  leads  us  to  the  question  of,  what 
is  in  your  tool  kit?  And  what  do  you  have 
tool  kits  for?  What  we'd  like  to  see  from 
each  of  you  —  yes,  each  and  every  one  of 
you  —  is  a  list  of  your  tools,  where  they 
come  from,  what  they  are  good  for  and 
what  they  cost.  Drop  us  a  note  outlining 
your  equipment. 

Next  on  the  menu  is  another  question: 
What  is  the  world-record  over-clocking 
speed?  The  previous  record  we  knew 
about  was  the  “5  GHz  Project:  CPU 
Cooling  With  Liquid  Nitrogen”  dated 
December  2003  (DocFinder:  5932).  This 
project  uses  a  liquid  nitrogen  cooling  sys¬ 
tem  (natch)  to  chill  an  Intel  P4  to  minus 
196  F  to  achieve  a  clock  speed  of  5.25 
GHz. 

But  then  we  found  a  forum  thread  at 
XtremeSystems  dated  Feb.  12,  2005,  that 
told  us  someone  named  “Fugger”  using  a 
custom-made,  three-phase,  vapor-phase 
CPU  cooler  (DocFinder:  5933)  over¬ 
clocked  an  Intel  P4  running  in  BIOS  at  an 
insane  7.2  GHz  and  followed  that  up  with 
a  new  world-record  benchmark  perfor¬ 
mance  of  6.3  GHz. 


For  a  discussion  of  the  engineering 
involved  there  are  a  number  of  posts  to 
the  XtremeSystems  forums  (DocFinder: 
5934)  that  discuss  the  system’s  perfor¬ 
mance  issues  and  problems.  Let  us  know 
if  you  find  out  more  details  or  know  of 
anything  more  impressive. 

And  now  for  the  main  course:  We  just 
read  that  LCD  monitors  are  about  to  get 
a  whole  lot  better.  Manufacturers  such 
as  Benq,  ViewSonic  and  Samsung  have 
rolled  out  LCD  displays  with  a  response 
time  of  8  millisec,  which  places  them 
squarely  in  the  visual  quality  range  of 
good  ol’  CRT  displays. 

What  is  this  millisecond  stuff  about, you 
might  ask?  Good  question.  It  refers  to  the 
refresh  rate  that  a  display  can  handle,  and 
if  you  push  a  display  beyond  its  maxi¬ 
mum  refresh  rate  you’ll  get  blurring  and 
jaggies,  which  will  significantly  degrade 
the  image. 

Thus,  a  16.6  millisec  (that  is,  60  Hz) 
refresh  rate  allows  for  a  maximum  frame 
rate  of  60  frames  per  second.  A  good-qual¬ 
ity  CRT  can  run  at  better  than  10  millisec 
(100  Hz). 

Given  that  the  last  generation  of  LCDs 
had  a  maximum  12  millisec  (83  Hz) 
refresh  you  can  see  why  CRTs  have  tradi¬ 
tionally  won  out  in  professional  settings 


www.nwfusion.com 


such  as  high-end  graphics  and  medical 
applications. 

But  with  an  8-millisec  refresh  rate,  LCD 
displays  spell  the  demise  of  CRTs:  Not 
only  is  their  display  quality  as  good,  but 
when  you  compare  CRTs  with  LCDs  of 
the  same  screen  size,  LCDs  are  physical¬ 
ly  smaller,  weigh  less  and  consume  less 
power.  Soon  you’ll  be  saying  to  your 
kids  “Yep,  we  used  to  use  displays  based 
on  cathode  ray  tubes,”  and  they’ll  be 
wondering  how  an  antique  like  you  can 
still  cut  it. You  won’t  care,  you’ll  be  rich 
from  having  invested  in  LCD  manufac¬ 
turers.  . . 

Oh,  our  regrets,  sir  and  madam,  we’re 
afraid  we  only  have  time  for  a  small 
dessert:  Almost  a  year  ago  in  our  Network 
World  Web  Applications  newsletter 
(DocFinder:  5936),  we  wrote  about  On- 
folio,  a  tool  for  capturing,  reading  and  sav¬ 
ing  newsfeeds  as  well  as  publishing  news- 
feed  items  to  e-mail,  blogs  and  Web  sites. 
A  new  version  has  just  been  released,  and 
it  is  excellent. 

So  that’s  the  end  of  today's  dining  plea¬ 
sure.  Send  you  compliments  to  the  chefs  at 
gearhead@gibbs.com,  and  the  antacid 
tablets  are  in  that  big  bowl  in  the  foyer  We 
hope  to  see  you  again  next  week. 


Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


Turn  your  laptop  into  a  desktop 

IOGear  recently  launched  its  USB  2.0  Docking  Station, 
a  stand  that  lets  users  turn  their  laptops  into 

a  desktop  by  providing  extra  _ _ 

ports.  The  stand  costs  $90  and 
is  now  available  from 
resellers,  online  stores  and 
retailers,  IOGear  says. 

The  docking  station  includes 
an  Ethernet  port,  two  PS/2  ports, 
audio-in  and  -out  jacks,  a  serial  port  and 
three  USB  2.0  ports.  Designed  to  reduce  cable 
clutter, all  of  the  ports  are  in  the  back  of  the  stand,  IOGear 
says.  Users  set  the  laptop  on  the 
slightly  elevated  stand  to  deliver 
increased  ventilation  and  cool¬ 
ing,  which  extends  the  battery 
life,  according  to  IOGear. The  in¬ 
creased  elevation  also  helps  cre¬ 
ate  a  more  comfortable  wrist  position  for  typing,  the 
company  adds. 

The  stand  works  with  Windows  98  (second  edition),  ME, 
2000  and  XP  laptops,  and  comes  with  a  three-year  warran¬ 
ty  More  details  are  available  at  the  IOGear  Web  site. 

Palm-sized  projector  set  for  July  release 

A  projector  that  fits  in  the  palm  of  your  hand  will  be 


The  USB  2.0  Docking  Station  comes  with 
an  Ethernet  port,  two  PS/2  ports,  audio-in 
and  -out  jacks,  a  serial  port  and  three  USB 
2.0  ports. 


available  in  July  (for  $699)  from  Mitsubishi  Digital 
Electronics  America.  The  PocketProjector  weighs  14 
ounces  and  can  project  a  40-inch  screen  with  less  than 
3  feet  of  projection  distance,  the  company  says. 

Mitsubishi  says  the  projector  will  be  marketed 
toward  displaying  digital  camera  images,  handheld 
gaming  and  connecting  a  portable  DVD  player.  But  we 
can  also  see  people  hooking  up  their  laptops  to  the 
device  for  presentations.  Three  Lumileds  LEDs  (red, 
green  and  blue)  light  the  projector  to  produce  an 
SVGA  (800  by  600  pixel  resolution)  image,  Mitsubishi 
says. The  company  says  the  projector  has  a  lamp  life  of 
about  20,000  hours  —  with  an  average  use  of  five 
hours  per  day,  that’s  more  than  10  years  of  usage,  the 
company  says. 

Zone  Labs  aims  to  secure 
wireless  users 

Zone  Labs 
recently 
announced 
availability  of 
its  ZoneAlarm 
ireless  Security 
jj  software,  which  com¬ 
bines  its  Zone  Labs  fire¬ 
wall  with  wireless  network 
security  and  e-mail  protection.The  sys¬ 
tem  can  automatically  detect  and  pro¬ 
tect  both  wireless  and  wired  network 
connections,  the  company  says.The  software  is  available 
for  $30  for  a  single  user  at  the  Zone  Labs  Web  site. 

The  software  is  aimed  at  mobile  PC  users  and  those 
who  connect  to  home  or  small  office/home  office  net¬ 
works,  Zone  Labs  says.  Users  can  tell  the  application  to 
put  unsecured  networks  into  a  “safe  zone,”  which  ensures 
maximum  security  whenever  new  wireless  networks  are 
accessed.  When  connecting  to  a  Wired  Equivalent 


Privacy-  or  Wi-Fi  Pro¬ 
tected  Access-enabled 
network,  users  can  put 
the  connection  into 
the  “safe  zone”  or  a 
“trusted  zone,”  the 
company 
adds. 

Other 
features 
include 
f  i  r  e  w  i 
designed  to  protec 
the  PC  from  inboun 
attacks,  a  program  to  stop 
Trojan  horses  and  spy- 
ware,  and  MailSafe,  which 
helps  quarantine  suspi¬ 
cious  e-mail  attachments. 


Plustek’s  high-powered 
OpticSIim  Ml 2  eolor  scanner 
is  small  enough  to  fit  in  a 
notebook  bag. 


Power  scanning  for 
mobile  road  warriors 


Plustek  recently  launched  the  OpticSIim  M12,  a 
mobile  sheet-fed  color  scanner  that  offers  high-power 
scanning  in  a  mobile  setting.  The  USB  device  can  scan 
A4-size  documents,  doesn’t  have  a  power  cord  (it  gets 
power  from  the  USB  port), and  is  small  enough  to  fit  into 
a  notebook  bag  (it  weighs  less  than  12  ounces).  The 
OpticSIim  M12  costs  $129  and  will  begin  shipping  by 
the  end  of  this  month. 

The  scanner  offers  600  dpi  optical  resolution  with  48- 
bit  color  depth,  Plustek  says.  Bundled  software  helps 
users  scan  documents,  photos,  business  cards,  articles 
and  brochures.  Plustek  says  the  device  has  an  on-board, 
self-feeding  motor  that  can  scan  at  about  three  pages 
per  minute. 


Shaw  can  be  reached  at  kshaw@nww.com. 
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Solutions  for  the  adoptive  enterprise. 


invent 


HP  Integrity  servers 

For  more  information  on  managing  complex  multi-OS  environments  with  HP  Integrity  servers,  visit  hp.com/go/integrityl 
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ON  TECHNOLOGY 

John  Dix 

Linux:  Ready, 
willing  and 
able 


Some  of  the  industry's  most  powerful  vendors  came 
to  the  LinuxWorld  Conference  and  Expo  in  Boston 
last  week  with  a  simple  message:  Linux  is  ready  for 
prime  time. 

“2005  will  be  a  watershed  year  Computer  Associates’ 
new  President  and  CEO  John  Swainson  said  in  a  keynote 
address.“For  the  first  time, you’ll  be  able  to  build  and  de¬ 
ploy  an  enterprise-class  application  using  only  open 
source  technology’  Before  taking  over  CA  in  November, 
Swainson  was  vice  president  of  worldwide  sales  for  IBM’s 
Software  Group. 

Daniel  Frye,  vice  president  of  IBM’s  Linux  Technology 
Center,  says  simply, “Linux  is  enterprise-ready  It  is  a  high- 
quality,  high-performance  and  secure  operating  system.” 

IBM  has  600  people  in  Linux  development,  and  it  is  a 
multibillion-dollar  business,  Frye  says. “Two  to  three  years 
ago  Linux  was  being  used  to  support  individual  applica¬ 
tions,  file  and  print,  etc.  Now  it’s  being  used  to  support  com¬ 
plex  databases  and  a  broad  variety  of  applications,  even 
risk  analysis  on  Wall  Street.” 

He  estimates  that  there  are  6,000  business  apps  available 
for  Linux  today  vs.  a  few  hundred  when  IBM  got  into  the 
business  six  years  ago. 

Novell  CEO  Jack  Messman  said  in  a  keynote  that  part  of 
Linux’s  appeal  is  a  common  code  base  that  ultimately  will 
extend  from  the  data  center  to  the  server  to  the  desktop, 
simplifying  IT  Novell  already  has  3,600  of  its  6,000  desktops 
running  Linux. 

For  most  users,  however,  Linux  isn’t  an  option  on  the 
desktop,  and  limitations  remain  that  preclude  its  use  in 
some  situations.  For  high-availability  applications,  for  exam¬ 
ple,  there  is  more  work  to  do,  says  IBM’s  Frye. 

But  the  most  troubling  questions  about  Linux  aren’t  tech¬ 
nical,  but  legal  in  nature.  While  IBM  says  the  ongoing  SCO 
litigation  has  no  effect  in  the  marketplace,  and  Novell  and 
others  offer  to  indemnify  customers  (IBM  does  not),  the 
SCO  suit  might  only  be  the  tip  of  the  iceberg. 

Open  source  expert  Bruce  Fterens,  author  of  15  books  on 
the  subject, said  at  a  LinuxWorld  news  conference  he  was 
recently  recruited  as  an  expert  witness  for  what  was 
described  as  “the  defining  Linux  patent  infringement  case” 
(he  was  later  rejected  because  of  conflicts  of  interest). 

That  dark  cloud  aside,  the  open  source  movement  has  a 
full  head  of  steam, and  it  certainly  looks  like  Linux  has 
found  a  home  in  the  enterprise.lt  will  prevail  because  of  its 
transparency,  says  MySQL  CEO  Marten  Mickos.“With  open 
source, all  problems  are  known,  which  puts  power  in  the 
hands  of  customers.” 
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On  Jan.  17  —  the  birthday  of  Anita  Borg,  founder  of 
the  Institute  for  Women  and  Technology,  and  the 
holiday  celebrating  the  birth  of  Martin  Luther  King 
Jr. —  I  was  at  home  reading  e-mail  when  my  in-box 
exploded.  The  previous  Friday,  speaking  at  a  meet¬ 
ing  of  the  National  Bureau  of  Economic  Research, 
Harvard  University  President  Lawrence  Summers 
had  suggested  that  perhaps  genetic,  rather  than 
social,  differences  explain  why  so  few  women  are 
successful  in  the  fields  of  science  and  math.  The 
Boston  Globe  story  that  discussed  Summers’  com¬ 
ments  took  the  science  and  technology  communi¬ 
ty  by  storm.  The  ensuing  e-mail  conversation, 
media  attention  and  energy  were  the  most  signifi¬ 
cant  I’ve  seen  since  taking  over  the  Anita  Borg 
Institute  two  years  ago. 

Regardless  of  what  you  think  about  Summers’ 
comments, they  present  a  unique  opportunity  to  talk 
deeply  about  the  issues  our  world  faces  in  changing 
the  way  we  approach  technology,  the  kind  of  tech¬ 
nology  we  develop  and  the  diversity  of  the  people 
who  are  developing  technology  This  is  a  chance  for 
academic  institutions  to  talk  about  and  develop 
new  ways  to  explore  and  teach  technology  These 
are  the  ideas  that  matter  to  me,  that  matter  to  the 
institute  and  that  matter  to  our  community  and 
world. 

Summers  was  asked  to  make  his  remarks  provoca¬ 
tive,  and  in  doing  so  he  provided  us  with  an  impor¬ 
tant  reminder  of  the  power  of  words  and  the  unin¬ 
tended  impact  they  can  have  on  today’s  and  tomor¬ 
row’s  leaders.  In  the  Anita  Borg  Institute’s  events  and 
programs,  we  are  often  provocative  because  we  cel¬ 
ebrate  the  accomplishments  of  women  in  technol¬ 
ogy  and  proactively  challenge  the  status  quo.  In 
doing  so,  we  are  empowering  today’s  leaders  and 

E-mail  tetters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief.  Network  World,  1 1 8  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


motivating  and  inspiring  future  leaders. 

After  reading  the  press,  you  might  be  wondering 
what  you  can  do  to  help  in  this  mission.  Here  are 
some  suggestions: 

•  Question  the  status  quo.  The  culture  of  our  cor¬ 
porate  and  academic  institutions  is  changed  by 
those  who  see  opportunities  and  take  action. 

•  Spend  time  with  someone  who  has  promise. 
Each  of  us  can  have  a  profound  effect  on  others  by 
spending  quality  time  with  them.  Find  someone 
who  is  in  the  early  stages  of  their  career,  listen  to 
them  and  share  your  own  experience. 

•  Let  us  know  your  thoughts.  We  will  post  all 
thoughtful  responses  on  the  institute’s  Web  site, 
www.anitaborg.org. 

•  Support  organizations  you  believe  in.  In  addition 
to  the  Anita  Borg  Institute,  there  are  many  organiza¬ 
tions  that  are  making  a  difference. We  see  the  impact 
of  the  Grace  Hopper  Celebration  of  Women  in 
Computing,  Systers  and  the  Institute  for  Women  and 
Technology’s  Virtual  Development  Centers  every 
day.  There  is  the  Computer  Research  Association 
Committee  on  the  Status  of  Women  in  Computing 
Research’s  graduate  cohort  program,  MentorNet, 
and  the  promise  of  the  new  National  Center  for 
Women  and  IT. 

•Volunteer  your  time.  Spend  your  valuable  time  on 
an  effort  that  makes  a  difference.  If  you  don’t  know 
where  to  volunteer,  visit  our  Web  site  —  we  have 
plenty  for  you  to  do. 

Anita  had  a  vision  that  lives  on  through  the  insti¬ 
tute.  She  believed  in  a  world  where  technology  had 
a  positive  effect  on  people,  where  women  were 
equal  partners  in  the  design  of  the  technology  of  the 
future.  We  believe  we  have  a  real  opportunity  to 
make  a  difference,  but  we  need  to  think  about  tech¬ 
nology  differently  —  together. 

Telle  Whitney 
President  and  CEO 
Anita  Borg  Institute  for  Women  and  Technology 

Palo  Alto,  Calif. 
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—  John  Dix 
Editor  in  chief 
jdix@nww.com 
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BOTTOM  LINE 

Joel  Snyder 

I  just  completed  a  grueling  VPN  project  in 
Western  Europe.  Working  in  five  coun¬ 
tries  in  four  weeks  gave  me  new  insights 
into  the  concept  of  mobility  —  insights  that 
go  counter  to  what  I  have  been  hearing  from 
IT  and  security  people  in  the  U.S.  for  the  past 
few  months. 

The  first  surprise  was  the  relative  scarcity  of  Pocket  PC  devices  in 
Europe.  In  the  U.S.,you  can’t  turn  around  in  an  airport  or  at  a  meet¬ 
ing  without  seeing  a  Windows  Mobile  device,  either  by  itself  or 
incorporated  into  a  mobile  phone.  I  saw  a  few  of  these  in  Europe,  but 
I  also  saw  a  lot  more  Nokia  Communicators  and  other  smart  mobile 
phones  being  used  as  mobile  work  devices.  Using  Bluetooth,  I  would 
scan  bars,  restaurants,  hotel  lobbies  and  even  train  stations  to  see 
who  was  advertising  their  presence.Virtually  everywhere,  I  could  pick 
up  the  evanescent  aura  of  some  very  smart  and  expensive  devices, 
in  a  density  I  never  see  in  the  U.S. 

What  does  this  mean  for  network  and  security  managers?  If  your 
job  includes  supporting  a  European  contingent,  don’t  assume  that 
your  mobile  users  are  running  either  a  Windows  laptop  or  Windows 
Mobile  device.  Symbian-based  phones,  such  as  the  Nokia  Communi¬ 
cator,  are  making  heavy  inroads  and  need  to  be  on  your  radar  screen 
for  mobility  support,  either  through  SSL  or  IPSec  VPN  technology  If 
you  also  haven’t  planned  to  support  Mac  users,  be  prepared  for  that 
onslaught.  They  are  also  popping  up  in  increasing  numbers 
in  Europe. 

The  second  surprise  was  the  ready  availability  and  use  of  wireless 


Mobile  models  lost  in  translation 


data  services  in  Europe.  In  the  U.S.,  competitive  carriers  and  tech¬ 
nologies  mean  we  have  a  lot  of  choice,  but  a  fairly  mediocre  foot¬ 
print  of  advanced  data  services.  In  Europe,  the  competitive  carrier 
situation  is  the  same,  but  the  focus  is  on  a  few  technologies, 
all  based  on  GSM.  This  means  that  overall  access  to  wireless  data 
is  easy  and  taken  for  granted  by  a  larger  percentage  of  users  — 
not  just  IT  folks  or  early  adopters.  Companies  are  not  tied  into  one 
carrier-focused  technology  or  product,  as  you  commonly  see 
in  the  U.S. 

Network  managers  need  to  be  prepared  for  heavier  demand  from 
their  European  users  for  secure  mobile  data,  because  the  wide  avail¬ 
ability  and  relatively  reasonable  cost  have  made  mobile  data  an 
expected  service.  In  the  U.S.,  we’d  jump  into  a  dedicated  device  or 
application,  such  as  a  BlackBerry.  In  Europe,  the  expectation  is  that 
mobile  data  services  will  layer  on  top  of  the  current  infrastructure, 
whether  that’s  a  mobile  phone  with  its  own  applications,  a  phone 
acting  as  a  modem  to  a  laptop  using  Bluetooth,  General  Packet 
Radio  Service,  Enhanced  Data  Rates  for  Global  Evolution  or  3G 
modem  card  in  a  laptop. 

Above  all,  the  key  lesson  I  learned  is  that  the  expectations  and 
models  of  how  to  roll  out  secure  mobile  services  in  the  U.S.  won’t 
necessarily  translate  to  Europe.  It’s  almost  like  they  speak  a  different 
language. 


Overall  access  to 
wireless  data  is 
easy  and  taken 
for  granted  by  a 
larger  percentage 
of  users  -  not 
just  IT  folks  or 
early  adopters. 


Snyder,  a  Network  World  Test  Alliance  partner,  is  a  senior  partner  at 
Opus  One  in  Tucson,  Ariz.  He  can  be  reached  at  joel.snyder@ 
opusl.com. 


BEAUTY  CHECK 

Thomas  Nolle 


ssuming  that  regulators  agree,  AT&T  as 
an  independent  entity  is  no  more,  and 
l  that’s  pretty  shocking.  What’s  even  more 
shocking  is  that  this  didn’t  have  to  happen. 
Since  SBC’s  planned  acquisition  of  AT&T  was 
announced, AT&T  has  portrayed  itself  as  a  vic¬ 
tim  of  events,  when  it  is  really  a  victim  of  itself. 

AT&T’s  problems  started  with  the  Modified  Final  Judgment  in  1984, 
the  decision  that  spun  off  the  RBOCs  as  independent  companies.  In  a 
stroke,  AT&T  lost  its  most  critical  asset:  direct  access  to  the  customer. 
AT&T  could  have  fought  the  decision, but  apparently  concluded,  in  the 
words  of  its  council  at  the  time, “The  physical  cost  of  keeping  the  Bell 
System  together  would  be  greater  than  the  cost  of  taking  it  apart.” 
Mistake  No.  1. 

The  Telecommunications  Act  of  1996  was  an  attempt  to  create  an  in¬ 
dustry  that  could  sell  something  other  than  consumer  voice.  Because 
the  RBOCs  had  to  pay  for  any  modernization  to  the  access  network 
(such  as  DSL  deployment)  and  because  the  1984  settlement  locked 
them  out  of  national  data  service  completely,  there  was  an  impasse  to 
correct.  The  telecom  act  did  that  by  letting  the  RBOCs  into  long-dis¬ 
tance,  conditioned  on  their  sharing  local  access  infrastructure  with 
their  competitors  —  unbundling.There’s  where  AT&T  made  its  second 
mistake. 

Instead  of  using  unbundled  loops  to  create  consumer  broadband 
connections  to  customers,  AT&T  focused  on  buying  local  voice  ser¬ 
vices  —  unbundled  network  element-platforms  (UNE-P)  —  at  deep  dis¬ 
counts  and  reselling  them  in  competition  with  the  RBOCs  that  created 
them  in  the  first  place.  AT&T  promoted  the  idea  that  it  was  the  cham¬ 
pion  of  competition,  both  publicly  and  in  regulatory  discussions. 
Apparently,  AT&T  came  to  believe  that  it  could  survive  reselling  some¬ 
one  else’s  network  assets,  and  that  was  a  very  bad  decision. 

The  sad  thing  is  that  AT&T  had  customer  access  assets  of  its  own. 
Remember  AT&T  Broadband?  Remember  AT&T  Wireless?  These  days, 


AT&T:  What  went  wrong? 


everyone  agrees  that  the  competition  of  the  future  is  between  the  cable 
companies  and  the  RBOCs.  Everyone  knows  wireless  is  hot.  Well,  AT&T 
used  to  be  both  a  wireless  and  a  cable  company  but  decided  to  spin 
off  the  former  and  later  merge  it  with  Cingular,  and  sell  off  the  latter  to 
Comcast.  Comcast,  you’ll  recall,  now  plans  to  get  into  the  consumer 
voice  services  market,  the  market  that  AT&T  couldn’t  make  a  go  of.  Here 
was  AT&T,  with  a  cable  business  and  wireless,  with  broadband  access 
to  the  customer  via  both  cable  broadband  and  potentially  3G.  AT&T 
was  in  a  position  to  be  the  leader  in  wireless/wireline  convergence, but 
instead  decided  to  focus  on  its  core  business.  Mistake  No.  3. 

But  even  without  access,  AT&T  might  have  made  it  as  an  indepen¬ 
dent.  What  AT&T  needed  to  do  was  modernize  its  infrastructure  around 
a  converged  IP  core  to  control  operations  costs  and  maintain  a  con¬ 
sumer  broadband  position  with  a  solid  VoIP  offering.  It  also  needed  to 
move  its  enterprise  clients  up  the  service  value  chain  to  managed  ser¬ 
vice  and  application  services,  with  particular  focus  on  Web  services. 
AT&T  articulated  this  very  story  in  2003. The  carrier  created  a  Web  ser¬ 
vice  alliance  with  Grand  Central  and  for  a  while  it  looked  like  AT&T 
really  might  be  trying  to  execute  its  plan  to  stem  its  revenue  losses  by 
2006.  Didn’t  happen,  obviously  Instead,  AT&T  got  conservative  with  cap¬ 
ital  expenditures  and  delayed  full  execution  of  Concept  of  One,  its  con¬ 
verged  core.The  carrier  made  little  progress  to  move  up  the  food  chain. 
AT&T  stopped  investment  in  its  CallVantage  VoIP  development,  which 
was  never  really  promoted  well  to  begin  with.  Mistake  No. 4. 

It  took  three  AT&T  CEOs  to  make  all  these  mistakes.  While  it’s  not  true 
that  AT&T  was  a  victim  of  the  market,  it  is  true  that  the  market,  and  reg¬ 
ulators  in  particular,  created  and  perpetuated  the  climate  that  created 
the  mistakes.  Somewhere  between  10,000  and  20,000  people  will  pay 
with  their  jobs  in  the  consolidation,  and  that  pretty  well  shows  who  the 
victims  in  this  sad  story  really  are. 


In  a  stroke,  AT&T 
lost  its  most  crit¬ 
ical  asset:  direct 
access  to  the 
customer. 


Nolle  is  president  of  CIMl,  a  technology  assessment  firm  in  Voorhees, 
NJ.  He  can  be  reached  at  (856)  753-0004  or  tnolle@cimicorp.com. 
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Face-on # 

Two  vendors  debate  whether  company  insiders 

re  employees  the  biggest 
hreat  to  network  security? 

are  a  greater  security  threat  than  hackers. 

Yes,  by  Joseph  Ansanelli 

Vontu 


No,  by  Jonathan  Bingham 
Intrusic 


oday,  insiders  represent  the  single  biggest  security  threat  for  the  simple  reason 
that  we  haven’t  addressed  the  problem.  That’s  because  IT  designed  to  prevent 
intrusion  from  the  outside  cannot  handle  the  task  of  keeping  confidential  data 
inside  the  organization. Yet  according  to  Gartner, 84%  of  high-cost  security  inci¬ 
dents  occur  when  insiders  send  confidential  data  outside  the  company 

It’s  easy  to  see  why  insiders,  not  hackers,  now  pose  the  greater  threat.To  violate  informa¬ 
tion  security  an  intruder  has  to  figure  out  how  to  break  into  the  network,  then  locate, 
obtain  and  distribute  the  desired  data  —  all  without  being  detected  by  today’s  highly 
effective  firewall,  network  security  and  intrusion-detection  systems. 

On  the  other  hand,  think  of  all  the  people  inside  the  company  who  have  ready  access 
to  customer,  employee,  product  and  financial  data.  These  same  people  also  have  instant 
access  to  the  Internet.  How  easy  is  it  for  a  call  center  representative  to  e-mail  confidential 
customer  data  to  a  competitor?  Or  for  a  software  engineer  to  send  source  code  out  along 
with  his  resume?  And  what’s  to  stop  an  administrative  employee  from  leaking  quarterly 
earnings  via  instant  messaging? 

With  confidential  customer  data  and  intellectual  property  just  a  keystroke  from  the  In¬ 
ternet,  every  organization  is  at  risk.  Common  sense  tells  us  the  insider  threat  is  huge,  and 
industry  research  confirms  it. Vontu ’s  risk  assessment  studies  reveal  that  one  out  of  every 
500  outbound  e-mails  contains  confidential  customer,  employee  or  financial  data,  intel¬ 
lectual  property  or  competitive  information.  Our  research  further  indicates  that  95%  of 
data  loss  incidents  are  unintentional. 

Today’s  network  security  systems  are  mostly  designed  to  prevent  intrusion  from  outside 
the  network.To  stop  an  insider  threat, software  has  to  meet  entirely  different  requirements. 

First,  it  must  not  only  detect  every  single  security  violation  based  on  discrete  policies 
and  content,  but  it  must  also  proactively  prevent  the  transmission  of  confidential  data 
outside  the  network.  It  must  provide  the  ability  to  accurately  measure  and  reduce  risk 
over  time.  And  it  must  let  users  manage  information  security  throughout  the  enterprise 
and  even,  in  some  cases,  across  multiple  companies, such  as  outsourcing  partners  and 
distributors. 

Software  vendors  have  been  slow  to  address  these  requirements,  which  is  one 
reason  why  the  insider  threat  looms  so  large.  But  that’s  changing.  Data-match- 
ing  technology  has  evolved  to  the  point  where  we  can  index  actual  database 
entries  with  100%  accuracy,  up  to  2  billion  data  cells  on  one  server;  Software 
technology  can  monitor  and  analyze  a  range  of  variables  over  time,  from 
content  patterns  and  relationships  to  sender  and  recipient  attributes,  network 
protocols  and  gateway  locations. 

So  the  bad  news  is,  yes,  the  insider  threat  has  become  the  No. 
security  issue  facing  corporations  today.  The  good  news  is  help 
is  on  the  way. 


Ansanelli  is  founder  and  CEO  of  Vontu,  a  vendor  of  data  loss  pre¬ 
vention  products.  He  can  be  reached  at  ceo@vontu.com. 


More  online! 

Log  on  to  Network  World  Fusion  to  voice  your  opinion. 
Face-off  authors  Joseph  Ansanelli  and  Jonathan 
Bingham  will  add  their  thoughts  to  the  discussion. 
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ompanies  find  it  convenient  to  single  out  employees  as  the  main  threat  to  inter¬ 
nal  network  security  so  they  can  put  a  face  on  the  problem.  But  unwanted 
intruders,  not  employees,  pose  the  greatest  risk  to  organizations.  An  intruder 
can  be  a  malicious  hacker,  former  employee  or  one  of  the  thousands  of  third- 
party  connections  organizations  have  opened  to  help  further  business  goals. 

Solutions  exist  to  protect  against  employee  abuse.  The  most  common  is  access  control 
—  locking  down  file  servers,  desktops  and  applications.  Recently  vendors  have  tried  to 
protect  content  on  the  networks.This  approach  only  fortifies  against  the  casual  employee 
who  is  bored  or  looking  to  get  a  head  start  with  the  sales  list  before  heading  to  the  next 
job.  These  solutions  cannot  protect  against  sophisticated  intruders  who  employ  state-of- 
the-art  tools  and  technologies  to  cause  damage  to  companies. 

Today  hackers  circumvent  network  security  by  disguising  themselves  as  legitimate  users. 
With  one  legitimate  access  account,  the  intruders  can  infiltrate  systems  —  not  breaking 
down  gates,  but  accessing  each  system  with  legitimate  credentials  they  gather  along  the 
way  They  steal  these  credentials  in  a  variety  of  ways:  compromising  a  home  user’s  com¬ 
puter,  tricking  employees  into  divulging  passwords  or  user  names,  or  sniffing  an  ISP 

Scarier  still,  most  companies  don’t  have  a  way  to  detect  these  compromises.  Com¬ 
promises  are  usually  discovered  while  operating  or  rebuilding  a  server  or,  more  likely 
when  a  CEO  wakes  up  to  find  his  proprietary  data  publicly  available. 

Criminals  use  an  arsenal  of  techniques  to  access  valuable  data:  reverse  HTTP  tunnels, 
Internet  Control  Messaging  Protocol  backdoors,  sniffers,  Trojans,  even  steganography  — 
embedding  data  in  images.  And  with  the  proliferation  of  sources  to  download  these  tools 
on  the  Web,  users  need  less  sophistication  than  they  did  even  six  months  ago. That’s  why 
companies  should  worry  about  sophisticated  hackers  and  not  employees  who  blindly 
access  networks. 

A  new  technology  —  compromise  detection  —  exists  to  combat  the  risk  malicious 
hackers  pose.  Unlike  both  access  controls  and  content  filters,  compromise  detection  was 
built  specifically  to  defend  against  the  stealthy  and  sophisticated  attacks  that  intruders 
will  use  now  and  in  the  future. 

Compromise  detection  exposes  hackers  as  they  enter  and  move  through  the  net¬ 
work.  This  approach  independently  audits  and  tracks  internal  traffic,  looking 
for  specific  telltale  signs  pointing  to  the  footprints  intruders  leave  behind.To 
identify  these  covert  actions  on  internal  networks,  a  product  must  have  a 
deep  understanding  of  how  internal  networks  fundamentally  behave. 

The  fact  is,  companies  assume  risk  for  a  compromise  anytime  they  grant 
access  to  their  networks.  Employees  happen  to  be  the  easiest  risk  factor  to 
guard  against.  It  is  imperative  for  organizations  to  realize  employees  are  not 
the  main  problem.  Thinking  so  leaves  networks  consistently  and 
dangerously  exposed. 


Bingham  is  president  and  co-founder  of  Intrusic,  a  security  software 
vendor.  He  can  be  reached  at  jbingham@intrusic.com. 
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Survey  shows  that  many 
companies  are  moving  from  app 
integration  to  business  process 
transformation. 

WFBSERVKltS 


ME  OFF 


BY  JIM  METZLER 


When  Soren  Burkhart  landed  the  job  of  CIO  at  Aloha  Airlines  a 
year  ago,  his  marching  orders  were  to  quickly  break  through  the 
constraints  of  the  company’s  legacy  mainframe  system.  The 
problem  was  serious.  “Integration  points  to  external  vendors 
were  very  limited  and  very  brittle. To  extend  the  system  to  incor¬ 
porate  customer  requirements  was  close  to  impossible,”  he  says. 


Ashton,  Metzler  &  Associates 
survey  of  more  than 
400  global  professionals, 


Has  your  company 
made  any  deployment 
of  Web  services? 


Burkhart  began  migrating  applications  off  the  main¬ 
frame  onto  Oracle  databases  and  application  servers.  He 
used  a  Web  service  to  “provide  integration  points  to  the 
old  sources  of  data  and  feed  our  new  Oracle  architecture,” 
Burkhart  says.The  project  “took  an  order  of  magnitude  less 
time”  than  it  would  have  without  using  Web  services. 

Burkhart  is  one  of  a  growing  number  of  IT  executives 
who  got  their  feet  wet  with  a  Web  services  rollout,  which 
involved  application  integration,  and  now  are  moving  to 
more  advanced  projects  that  connect  to  business  partners 
and  streamline  core  business  processes. 

That’s  the  key  finding  in  an  Ashton,  Metzler  &  Associates 
survey  of  more  than  400  global  professionals.  Sixty-four 
percent  of  419  respondents  said  their  company  has 
deployed  a  Web  service,  while  36%  said  they  had  not. 

The  survey  also  found  that  once  companies  have 
established  their  basic  Web  services  foundation,  they  are 
finding  it  relatively  easy  to  deploy  additional  services.  In 


TOTAL  RESPONDENTS:  419 


V, 


the  process,  they  are  building  toward  a 
service-oriented  architecture  (SOA),in 
which  overall  application  develop¬ 
ment  and  application  integration  is 
accelerated  by  the  reuse  of  software 
components. 

According  to  the  survey  of  those  companies  that  have 
deployed  a  Web  service,  56%  used  the  Web  service  as  an 
application-to-application  interface  within  the  company 

How  sweet  it  is 

Daisy  Brands  first  foray  into  Web  services  was  a  project 
designed  to  speed  up  an  internal  process,  according  to 
Kevin  Brown,  director  of  IS  at  the  Dallas  sour  cream  maker. 

“Most  of  the  world  has  looked  at  Web  services  as  a 
killer  application.  We  have  taken  a  more  pragmatic 
approach  and  have  focused  on  using  Web  sendees  pri¬ 
marily  to  improve  application  integration  behind  our 
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Net  effect: 

The  deployment  of  Web  services  is  going  to  stress  network  infras  'uctures. 
For  example,  the  use  of  Web  services  will  greatly  increase  the  amount  of  traf¬ 
fic  that  transits  the  WAN.  In  addition,  the  deployment  of  Web  services  requires 
sophisticated  performance  management  functionality  that  lets  network  orga¬ 
nizations  respond  to  complex  performance  issues  in  real  time. 


firewall,”  he  says. 

The  Web  service  let  Daisy  Brand  take  a 
batch-oriented  system  that  forecasted 
demand  for  the  company’s  product  and 
integrate  it  with  an  ERP  application  to  cre¬ 
ate  a  real-time  order-generating  system. 

Before  Web  services,  the  forecasting  sys¬ 
tem  spit  out  a  batch  text  file  for  each  order 
recommendation.  The  customer  relations 
team  had  to  enter  each  order  manually 
which  introduced  an  additional  step  and 
the  potential  for  data  errors. 

The  Web  service,  which  Daisy  Brand’s  IS 
team  developed  in  20  hours,  uses  an 
order  description  in  XML  format.The  data 
then  is  transformed  into  an  XML  schema 
that  is  compatible  with  the  company’s 
ERP  system. 

The  Web  service  then  writes  the  XML  out¬ 
put  to  a  queue  that  processes  electronic 
data  interchange  (EDI)  orders.The  Web  ser¬ 
vice  also  maintains  what  purchase  order  is 
assigned  to  the  order  on  behalf  of  trading 
partners.  After  the  order  is  generated,  an 
EDI  document  is  sent  back  to  the  customer 
with  the  purchase  order  number  and  the 
ordered  products. 

Web  services:  Part  Deux 

According  to  the  survey  35%  of  respon¬ 
dents  who  have  deployed  Web  services  use 
them  as  an  application-to-application  inter¬ 
face  with  business  partners. 

At  Aloha  Airlines  in  Hawaii,  Burkhart  had 
an  internal  application  integration  project 
under  his  belt.  His  next  mission  was  to 
improve  Aloha’s  ticket-booking  engine  to 
make  it  easier  for  customers  to  find  the 
lowest  fares. 

He  used  Business  Process  Execution 
Language  (BPEL)  to  develop  a  Web  ser¬ 
vice  that  connected  Aloha’s  internal  sys¬ 
tems  with  the  Electronic  Data  Systems 
Shares  reservation  system  that  the  compa¬ 
ny  uses. 


“MOST  OF  THE  WORLD  HAS 
LOOKED  AT  WEB  SERVICES  AS  A 
KILLER  APPLICATION.  WE  HAVE 
TAKEN  A  MORE  PRAGMATIC 
APPROACH  AND  HAVE  FOCUSED  ON 
USING  WES  SERVICES  PRIMARILY 
TO  IMPROVE  APPLICATION  INTE¬ 
GRATION  BEHIND  OUR  FIREWALL  ” 

KEVIN  BROWN, 

DIRECTOR  OF  IS,  DAISY  BRAND 


Burkhart  says  one  reason  he  likes  BPEL  is 
because  it  is  an  open  standard  that  lets  him 
hold  his  vendors  accountable.  He  also  says 
by  using  BPEL,  his  organization  can  model 
and  store  Web  services  in  a  way  that  makes 
it  much  easier  to  recombine  services. 

He  says  it  used  to  take  500  hours  of  de¬ 
velopment  time  to  make  a  typical  change 
to  the  order  entry  system.  Now  that  it  has 
been  exposed  as  a  Web  service,  a  typical 


change  can  be  accomplished  in  50  hours 
of  development  time.  “The  new  booking 
engine  will  save  Aloha  over  $1  million,”  he 
says. 

“Once  you  have  a  Web  service  devel¬ 
oped  for  a  given  purpose,  you  can  reuse  it 
for  another  business  process  as  needed,” 
Daisy  Brand’s  Brown  says.“For  example,  the 
Web  service  we  created  to  input  orders 
into  our  ERP  system  can  now  be  leveraged 
to  support  online  orders  for  our  other  lines 
of  business  which  have  been  traditionally 
paper-based. 

“We  plan  to  use  the  same  interface  to 
provide  [electronic  data  interchange]  like 
business  processes  for  non-EDI  cus¬ 
tomers,”  he  says.  The  company  is  thinking 
about  “how  we  can  now  support  e-com- 
merce  for  our  food  service  business  using 
a  portal  Web  site  or  potentially  using  inter¬ 
active  voice  response,  as  well,”  Brown  adds. 

He  says  his  developers  use  the  Microsoft 
.Net  framework.“In  particular,  we  take  the 
[Web  Services  Description  Language] 
definitions  out  of  .Net  and  import  them 
into  directly  into  Tibco’s  Business  Works,” 
he  adds. 

Developing  an  SOA 

Just  more  than  40%  of  the  survey  respon¬ 
dents  indicated  that  their  company  began 
deploying  Web  services  to  solve  a  particu¬ 
lar  problem  and  then  later  began  develop¬ 
ing  an  SOA. 

That  is  the  approach  Daisy  Brand  took. 
“We  did  not  start  off  developing  a 
SOA.  However,  we  basically  ended 
up  with  one,”  Brown  says. 

Burkhart  adds,  “SOA  can  mean 
many  things  to  many  people,  but  pri¬ 
marily  you  have  to  start  at  a  high 
level  and  identify  what  are  your  key 
business  services  that  you  need  to 
provide  to  your  customers,  and  how 
do  you  want  to  leverage  them 
across  the  enterprise.” 

Burkhart  cautioned  that  starting 
off  by  developing  a  full-blown  SOA 
has  its  risks.  He  says  he  has  seen  a 
lot  of  people  try  to  “boil  the  ocean 
and  not  make  any  progress  until 
they  had  solved  all  of  the  technical 
problems.”  He  suggested  that  com¬ 
panies  should  start  small,  get  some  results 
and  then  build  off  of  that. 

Stumbling  blocks 

Of  course,  there  are  problems  associated 
with  Web  services,  such  as  poor  perfor¬ 
mance  and  lack  of  management  tools. 

“We  do  not  have  the  transaction  volumes 
like  some  of  the  large  e-commerce  com¬ 
panies.  As  a  result,  we  have  not  experi¬ 


enced  the  performance  problems  that  are 
typically  associated  with  Web  services 
deployments,”  Brown  says. 

“One  of  the  factors  that  may  limit  the 
widespread  use  of  Web  services  is  the  lack 
of  a  comprehensive  management  environ¬ 
ment  for  Web  services,”  he  says.  “Basically 

Web  services  rollouts 


when  there  is  not  a  problem, Web  services 
work  really  well.  When  there  is  a  problem, 
it  gets  chaotic  quickly.” 

Burkhart  adds,  “Web  services  are  a  tool, 
not  a  panacea.  To  truly  leverage  Web  ser¬ 
vices  you  have  to  continually  ask  the 
company’s  business  leaders  questions 
like  ‘How  do  you  want  to  serve  your  cus¬ 
tomers?’” 

With  that  in  mind,  Burkhart  is  looking 
forward  to  more  use  of  BPEL  and  a  lot 
more  migration  off  the  current  legacy 
infrastructure. 

Metzler  is  president  of  consultancy  at 
Ashton,  Metzler  &  Associates.  He  can  be 
reached  at  jim@ashtonmetzler.com. 


If  your  company 
has  made  some 
deployment  of 
Web  services, 
which  of  the 
following  best 
describe  what 
your  company 
accomplished? 


In  addition  to  an 
application-to- 
application  interface 
changes  to  business 
processes 

Application-to- 
application 
interface  with 
business  partners 


Application- 
to-application 
interface 
within  our 
company 

TOTAL 

RESPONDENTS: 

378 


How  much  change  is  your  company  making  to 
key  business  processes? 


4% 


5% 


NO  COMMITMENT  ►►►►►►►►►►►►►►►►►►►►►►►►►►►►►►►►►TOTAL 

TOTAL  RESPONDENTS:  524 


How  committed  is  your  company  to  leveraging 
technology  to  enhance  key  business  processes? 


2% 


3% 


NO  COMM ITM ENT ►►►►►►►►►►►►►►►►►►►►►►►►►►►►►►►►►' 

TOTAL  RESPONDENTS:  526 


Which  of  the  following  best  describes  how  your  company  got 
started  with  deploying  Web  services? 


First  developed 
an  architecture 
and  are  now 
working  to 
implement  that 
architecture. 


We  have  been  using 
Web  services  to  solve 
particular  problems 
and  have  not  yet 
begun  to  develop  an 
overall  architecture. 

TOTAL 

RESPONDENTS: 

298 


We  got  started  by  using 
Web  services  to  solve 
particular  problems  and 
subsequently  began  to 
pull  together  an 
architecture. 


SOURCE:  ASHTON,  METZLER  &  ASSOCIATES 
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WaveUnk  Mobile 
Manager  Enterprise 


Save  time  (and  headaches) 
managing  your  WLAN  infrastructure 

WB  BY  THOMAS  HENDERSON,  NETWORK  WORLD  LAB  ALLIANCE 

hen  you’ve  got  a  large  enterprise  wireless  LAN  infrastructure,  keeping  track  of  all 
your  access  points  becomes  a  monster  job  as  the  network  gets  bigger.  WaveLink’s 
Mobile  Manager  Enterprise  is  a  central  administrative,  management  and  infra¬ 
structure  audit  point  for  an  802.1 1  WLAN.  In  tests,  we  found  that  it’s  a  major  piece 
of  the  puzzle  that  can  be  made  even  larger  with  the  integration  of  AirMagnet  Enterprise  (see 
related  story  below)  to  help  diagnose  network  problems. 


Mobile  Manager  Enterprise  has  an 
almost-surgical  ability  to  manage  a 
diverse  set  of  access  point  brands  and 
models  in  great  detail  by  administrator- 
defined  groups  with  pre-defined,  articu¬ 
late  policies.  Firmware  upgrades  and 
access  control  list  (ACL)  changes  —  the 
bane  of  access  point  management  — 
can  be  rolled  out  with  incredible  ease. 
WaveLink  keeps  track  of  its  list  of  com¬ 
patible  vendors  and  knows  their  foibles 
perhaps  better  than  the  access  point  ven¬ 
dors  themselves.  Where  WaveLink  can 
control,  it  has  a  very  strong  grip. 

We  found  that  the  system  can  be 
fooled,  but  not  for  long.  Mobile  Manager 
Enterprise  doesn’t  monitor  the  wires  like 
a  protocol  analyzer  or  intrusion-detec¬ 
tion  application,  so  it’s  for  wireless  com¬ 
ponents  only  It  also  has  a  limited  set  of 
enterprise  wireless  access  points  that  are 
compatible  with  the  system. 


Net  Results 


Company:  WaveLink,  www.wavelink.com 
Cost:  $1,500  (covers  25  access  points; 
quantity  discounts).  Pros:  Dramatic 
administration  time  saver;  surgical 
administration  of  enterprise  access  points, 
Cons:  Limited  access  point  breadth;  only 
a  partial  solution;  weak  user  interface. 


The  breakdown 


Administration/management 
functionality  40% 


Coiflatibility/interopsrabllity  20% 


Security  20% 


Documentation/hslp  20% 


TOTAL  SCORE 


3.5 


3.5 


3.8 


Scoring  Key:  5:  Exceptional;  4:  Very  good;  3: 
Average;  2:  Below  average;  1:  Consistently 
stibpar 


(Add  AirMagnet  to  complete  the  puzzle 

AirMagnet  Enterprise  Version  5  (formerly  known  as  Distributed  Version  4) 
has  been  compatible  with  Mobile  Manager  Enterprise  for  several  months. 
Sensor  information  and  SNMP  traps  can  communicate  with  the  WaveLink 
system  in  intelligent  ways  bidirectionally,  One  main  benefit  of  this  integration  is 
the  newly  enabled  ability  for  AirMagnet  Enterprise  to  shut  down  switch  ports 
where  rogue  activity  is  suspected, 

This  feature  requires  that  AirMagnet  Enterprise  can  communicate  with  the 
switch  through  SNMP,  and  instructions  on  how  this  is  done  are  somewhat 
ambiguous.  It  took  a  while,  but  we  were  able  to  get  the  system  to  trace  rogues 
through  our  simple  infrastructure  and  actually  kill  the  port  on  our  HP  switch. 
Once  the  SNMP  management  information  base  links  are  sorted  out  and  talking, 
it's  possible  to  kill  ports  where  suspected  rogue  traffic  has  been  found  —  or 
even  at  the  access  point  level,  provided  the  access  point  supports  SNMP. 

AirMagnet  Enterprise  adds  a  great  ability  to  the  WaveLink  system  —  reaction 
to  alarms.  The  downside  is  that  people  wandering  by  with  equipment  can  some¬ 
times  trigger  the  alarms,  so  time-outs  might  be  needed  before  action  is  taken. 
An  individual  with  a  wandering  access  point  also  can  shut  off  large  amounts  of 
equipment  during  a  walk-through,  as  we  discovered  in  our  tests. 

—  Thomas  Henderson 


Monitor  and  manage 

Mobile  Manager  Enterprise  is  a  server- 
based  application  that  runs  on  Windows 
2000  server  or  XP  Professional  (with 
appropriate  service  packs  installed). The 
server  application  joins  a  wired  network 
where  wireless  access  points  reside. 
These  networks  can  be  local,  or  joined 
over  a  VPN  or  private  network  link. 

The  system  monitors,  controls  and  ad¬ 
ministers  the  discovered  wireless  access 
point  infrastructure.  Mobile  Manager 
Enterprise  runs  as  a  Windows  service,  and 
an  application  called  Administrator  con¬ 
nects  to  the  service  through  an  autho¬ 
rized  network  adapter  on  the  server. 

The  system  probes  the  network  via 
administrator-defined  searches  to  look 
for  access  point  signatures  that  it  knows 
through  an  auto-discovery  process  (it 
looks  for  various  Layer  2  signatures). 
Specific  IP  address  ranges  also  can  be 
monitored  for  access  point  signatures. 
When  found,  the  access  points  are  added 
to  the  Mobile  Manager  Enterprise  data¬ 
base.  Access  points  are  categorized  and 
become  managed  by  groups  and  areas. 
The  system  manages  only  enterprise- 
class  access  points,  and  the  compatibility 
list  is  important  because  incompatible 
access  points  must  be  managed  singly 
and  discretely  Managing  an  incompati¬ 
ble  access  point  adds  to  the  labor  cost, 
thwarting  the  WaveLink  system’s  useful¬ 
ness.  We  wish  more  access  point  models 
could  be  managed  with  WaveLink,  but 
because  enterprise-class  devices  are  uni¬ 
formly  managed  through  SNMP  and 
ACLs,  users  of  lower-priced  access  points 
with  fewer  features  will  be  left  out  from 
WaveLink’s  management  conveniences. 

A  graphical  view  of  the  network  can  be 
used  to  visualize  discovered  compo¬ 
nents.  You  then  can  watch  mobile  de¬ 
vices  roam  across  the  graphical  maps 
imported  into  the  application.  We  found 
this  amusing  but  not  incredibly  com¬ 
pelling.  This  feature  might  be  useful  in 
tracking  rogue  devices  as  they  roam 
through  a  large  facility  and  potentially 


helps  locate  these  devices  when  needed; 
otherwise,  it’s  more  of  a  gimmick. 

We  used  several  compatible  and  in¬ 
compatible  access  points,  and  found  that 
Mobile  Manager  Enterprise  knew  which 
ones  were  and  weren’t  within  seconds 
(see  “How  we  did  it”  at  www.nwfusion. 
com,  DocFinder;  5926). We  found  it  possi¬ 
ble  to  fool  the  system  by  changing  the 
media  access  control  (MAC)  address  of  a 
D-Link  Systems  home  access  point/ 
router  to  one  that  falls  within  a  compati¬ 
ble  range.  But  that  trick  worked  only  until 
the  system  probed  the  access  point/ 
router  to  discover  the  masquerade  dur¬ 
ing  the  system’s  check  of  its  known 
access  point  iists.This  type  of  rogue  lives 
a  short  life  until  it  is  detected.  Except  for 
some  very  old  yet  ostensibly  compatible 
access  points,  detection  was  flawless. 

The  system  then  can  develop  an  ACL 
or  point  to  a  control  point  (we  used  a 
Linux-resident  Radius  server)  as  an  auth¬ 
enticator.  It  is  necessary  to  populate  ac¬ 


cess  points  with  the  information  needed 
to  update  their  ACLs  with  acceptable 
client-side  MAC  addresses.  The  ability  of 
Mobile  Manager  Enterprise  to  do  ACL 
updates  across  an  entire  corporation 
itself  is  nearly  worth  the  price  of  the  prod¬ 
uct  in  labor  savings.  Newly  installed  or 
replacement  access  points  can  be  auto¬ 
matically  updated  and  placed  into  ser¬ 
vice.  In  our  tests,  this  feature  worked  for 
three  brands  of  compatible  access 
points. 

We  also  used  the  system  to  perform 
access  point  firmware  updates  and 
changes.  Profiles  for  groups  or  individual 
access  points  can  be  built,  including  set¬ 
tings  for  security  (such  as  Wired 
Equivalent  Privacy,  802.  IX  and  other  set¬ 
tings).  We  found  this  simple  to  set  up  and 
a  strong  benefit.  A  default  profile  can  be 
used  as  the  basis  for  others.  Once  profiles 
are  built,  the  default  profile  can  be  used 
to  automatically  install  firmware  up¬ 
dates  and  policies  to  any  new  access 
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points.  In  testing,  we  found  the  automatic 
installation  was  a  breeze  for  rolling  out  new 
or  expanded  wireless  infrastructure. 

WaveLink  also  sends  an  addendum  that 
highlights  implications  of  firmware  up¬ 
dates  for  each  access  point  type  it  covers. 
This  is  very  handy, as  access  points  from  dif¬ 
ferent  brands  and  models  don’t  react  to 
firmware  updates  in  the  same  way  requir¬ 
ing  access  point-specific  instructions  for 
updates.  Also,  if  a  firmware  update  requires 
a  reload  of  an  ACL  list  or  other  settings, 
Mobile  Manager  Enterprise  can  handle  this 
rapidly 

The  system’s  alerting  feature  lets  users 
create  statistical  alerts  (such  as  when  traffic 
is  too  high  or  there  are  too  many  errors)  to 
trigger  e-mail  messages,  or  proxy  sends  to  a 
network  management  framework  (Com¬ 
puter  Associates’  Unicenter,  HP  OpenView 
or  another  SNMP  manager). 

Mobile  Manager  Enterprise  maintains  a 
database  of  access  point  firmware  that  is 
subsequently  sent  to  access  points  via  Triv¬ 
ial  FTP  which  is  an  unsecure  but  seemingly 
mandatory  protocol  for  updates  to  access 
points.  We  force-fed  alarm  conditions  to  the 
Mobile  Manager  Enterprise  server  using 
NMAP  and  were  unable  to  make  the  system 
choke,  although  the  user  interface  fell 
behind  the  updated  alarm  lists  for  a  while. 


Rogue/error  detection 

A  prerequisite  for  using  Mobile  Manager 
Enterprise  is  that  an  entire  spatial  geogra¬ 
phy  be  covered  by  access  points  (or  Air- 
Magnet  sensors),  as  the  system  doesn’t 
perform  intrusion-detection-system-like 
checks  of  network  wires  to  look  for  rogue 
access  point  signatures,  except  when  it 
periodically  probes  the  network  looking 
for  access  points.  The  time  frame  is  long 
enough  to  let  some  access  points  with 
spoofed  MAC  addresses  be  ignored  for  a 
while.  When  a  wireless  rogue  was  intro¬ 
duced  into  Mobile  Manager  Enterprise- 
covered  airspace,  it  detected  it  every  time. 

It  learns  the  location  of  surrounding 
access  points,  and  moving  an  access  point 
physically  can  set  off  a  trigger.  Ad  hoc  net¬ 
works  that  can  be  heard  also  are  detected 
and  flagged,  such  as  APC’s  Wireless  Mobile 
Router,  which  extends  wired  or  dial-up  con¬ 
nections  for  shared  802.11b  clients.  Air- 
Magnet  Enterprise  adds  value  to  the  system 
by  its  ability  to  send  triggers  to  Mobile  Man¬ 
ager  Enterprise  that  rogue  devices  have 
been  detected. 

We  could  only  find  one  method  that 
fooled  Mobile  Manager  Enterprise,  and 
only  for  a  short  time.  It  required  a  “van  in 
the  parking  lot”  style  attack,  where  an 
access  point  with  a  wired  connection  uses 


a  spoofed  MAC  address  identical  to  the  one 
it  replaces.This  works  only  until  the  sched¬ 
uled  probe  discovers  that  the  feature  set 
isn’t  identical,  which  generates  an  alert. 
Other  rogue  attempts,  via  client  or  access 
points,  were  all  detected. 

A  few  bumps 

The  user  interface  suffers  from  a  few  fea¬ 
tures  that  don’t  work  (for  example,  seeing 
date  stamps  on  logs  from  the  log  manager). 
There  is  no  method  to  import  user  ACLs  or 
draw  from  directory  services  of  any  kind. 
MAC  address  data  entry  is  painful,  even  if  it 
needs  to  be  done  only  once.  Even  compa¬ 
nies  that  keep  studious  track  of  user  infor¬ 
mation  must  enter  items  manually 

Documentation  is  extensive,  but  some¬ 
times  ambiguous.  Updates  are  helpful  for 
access  point-specific  information,  but 
drawing  conclusions  as  to  action  items  is 
left  to  end  users,  as  no  recommendations 
are  made. 

Overall,  WaveLink’s  Mobile  Manager 
Enterprise  is  an  extraordinary  time  saver.  It’s 
a  must-have  for  companies  with  heteroge¬ 
neous  access  point  infrastructure  (and 
remote  sites),  as  the  alternative  is  lots  of 
duplication  of  effort  to  manage  and  update 
access  points,  and  the  incumbent  docu¬ 
mentation  needed  for  security  audits. 


Henderson  is  principal  researcher  for 
ExtremeLabs  in  Indianapolis.  He  can  be 
reached  at  thenderson@extremelabs.com. 
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Butterfingered 
mobile  device 
users  create 
further  IT  risk 

■  BY  JOANIE  WEXLER 

The  need  for  a  structured  approach  to 
the  management  and  security  of  mobile 
devices  is  escalating.  Smartphone-style 
devices,  in  addition  to  supporting  voice 
communications,  are  increasingly  likely  to 
store  sensitive  corporate  data  and  intranet 
connections.  They  are  most  easily  left 
behind  for  an  outsider  to  find  and  poten¬ 
tially  exploit. 

Given  a  recent  study  reflecting  the  stag¬ 
gering  rate  at  which  mobile  devices  are 
lost,  building  policies  around  using  pass¬ 
words  and  encryption  capabilities  is  be¬ 
coming  imperative  for  businesses. 

Fbintsec  Mobile  Technologies,  a  mobile 
data  protection  company,  sponsored  a 
study  among  licensed  taxi  drivers  in  nine 
countries  to  measure  the  degree  to  which 
mobile  devices  are  lost  in  transit.  The  U.S. 
company  that  was  polled  in  the  survey  — 
a  major  Chicago  cab  company  —  reported 
the  highest  number  of  losses  per  taxi  of  all 
the  participating  companies:  about  three 
devices  per  cab  over  six  months. 

The  statistics  work  out  to  85,619  mobile 
phones,  21,460  handhelds  and  4,425  lap¬ 
tops  being  left  behind. 

Fbintsec  notes  that  many  mobile  devices 
have  a  standard  memory  capacity  of  80M 
bytes  and  can  support  the  equivalent  of 
6,000  Word  documents,  720,000  e-mail 
messages,  360,000  contact  details,  or  7,200 
pictures.  Even  if  you  personally  aren’t  wor¬ 
ried  about  the  potential  vulnerability  impli¬ 
cations,  legislation  is  cracking  down  on  the 
auditing  and  security  of  information.  The 
probability  of  legal  action  taken  against 
organizations  that  do  not  protect  the  info 
on  mobile  devices  is  likely  to  increase, 
Fbintsec  notes. 

Bob  Egan,  president  and  CEO  of  Mobile 
Competency  says  in  his  Mobile  Viewpoint 
column  that  these  are  among  the  reasons 
CIOs  and  IT  managers  should  pay  atten¬ 
tion  to  tools  such  as  JP  Mobile  SureWave 
Mobile  Defense  and  Sprint  Managed 
Mobility  Services.  These  tools  let  compa¬ 
nies  remotely  disable  lost  or  stolen  hand¬ 
sets,  or  wipe  them  clean. 

JP  Mobile  SureWave  is  a  tool  that  allows 
IT  departments  to  wirelessly  deploy  update 
and  enforce  security  policies  enterprise¬ 
wide  dynamicallyAdministrators  control  a 
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range  of  security  options  over  the  air,  in¬ 
cluding  mandatory  device  lock  and  group 
settings,  remote  device  wipe  and  remote 
password  reset.  With  its  Managed  Mobility 
Service,  Sprint  takes  responsibility  for  over- 
the-air  configuration,  security  manage¬ 
ment,  asset,  tracking  and  billing  manage¬ 


ment  of  a  firms  fleet  of  mobile  devices. 

In  this  spirit,  note  that  Version  9  of  the 
Symbian  operating  system  —  a  mobile 
operating  system  that  runs  in  certain 
Motorola,  Nokia,  Panasonic,  Siemens,  Sony 
Ericsson  and  other  smartphones  —  gives 
network  operators  and  companies  addi¬ 


tional  capabilities  to  manage  the  devices 
over  the  air. 

Wexler  is  an  independent  networking  tech¬ 
nology  writer/ editor  in  California's  Silicon 
Valley.  She  can  be  reached  at  joanie@ 
jwexler.com. 
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troubleshooting 


service  assurance 


IP-Phone  Emulation 
Call  Signaling  Verification 
Voice  Quality  Testing 


Real-time  Packet  Capture 
Mean  Opinion  Score  (M0S) 
VoIP  QoS  Impairment  Alerts 


Fault  Isolation  &  Trouble  Identification 
End-to-End  Service  Verification 
Remote  and  On-site  Testing 


Not  without  Acterna’s  VoIP  Test  and  Management  Portfolio 

Acterna’s  bundled  sets  of  instruments,  systems,  and  software  let  service  providers  and  enterprises  see  and 
hear  how  their  VoIP  service  is  performing.  With  initial  field  service  turn-up,  complex  troubleshooting  and  root; 
cause  problem  identification  throughout  the  network,  and  on-going  service  verification,  the  message  comes 
through  loud  and  clear:  Your  VoIP  service  matches  POTS.  For  all  the  details,  please  visit  acterna.comA/olP. 
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Network  Management/ 

IT  Automation 

and  the  Agile  Enterprise:  Tools  to  Bridge  the  Gap 

Join  Dr.  Jim  Metzler,  President,  Ashton  Metzler  and  Associates  and  leading 
solution  partners  at  this  Network  World  Technology  Tour  and  Expo 

What  ultimately  makes  an  agile  enterprise  agile?  The  sudden  realization  of  a  dangerous  gap 
between  what  the  enterprise  expects  and  the  management  tools  you  need  when  opportunity 
looms,  growth  is  rapid  or  a  crisis  strikes.  This  event  bridges  that  gap  with  key  technologies 
in  seven  crucial  management  areas  to  help  you:  1 -Secure  systems.  2-Map  infrastructure. 
3-Maximize  applications  4-Measure  performance.  5-Automate  processes.  6-Empower  users. 
7-Integrate  emerging  innovations.  Don't  miss  this  opportunity.  Register  now  to  attend  free. 
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Map.  Measure.  Manage. 
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AlterPoint  provides  intelligent  network  change 
and  configuration  management  solutions. 
Companies  worldwide  rely  on  the  intelligence 
and  automation  in  our  award-winning  solution, 
DeviceAuthority  Suite,  to  proactively  manage 
configuration  change,  compliance  and  security 
across  multi-vendor  networks,  maximizing  IT 
infrastructure  performance  and  availability. 

Lucent  Technologies 

Bell  Labs  Innovations 

Lucent  Technologies,  the  largest  communica¬ 
tions  infrastructure  provider  in  North  America 
offers  enterprises  an  in-depth  portfolio  of 
industry  leading,  award-winning  VitalSuite® 
and  VitalQIP®  Management  Software  solutions 
to  help  manage  all  aspects  of  IT  network 
operations — effectively,  efficiently  with 
unparal  leied  RO 1 . 


Concord  Communications,  Inc.  provides  an 
integrated  solution  that  enables  companies  to 
map  their  IT  services  to  business  needs,  measure 
their  actual  end-user  experience,  and  manage 
their  applications,  systems,  and  networks. 
Companies  worldwide  rely  on  Concords 
eHealth®  Suite  to  optimize  IT  services  to 
drive  business  success. 

NetScout 

With  more  than  3,000  global  customers  repre¬ 
senting  all  major  industries,  NetScout  Systems, 
Inc.,  through  its  nGenius  Solution  enables 
organizations  to  optimize  the  performance  and 
manage  the  costs  of  geographically  dispersed, 
complex  networks  as  well  as  to  ensure  the 
efficient  delivery  of  critical  business  applications 
and  content  to  end-users. 


Fluke  Networks  is  the  leading  provider  of  innov¬ 
ative  solutions  for  the  testing,  monitoring  and 
analysis  of  enterprise  networks.  We  provide  a 
complete  range  of  application  performance 
management  and  network  analysis  tools  to  keep 
you  in  control  of  your  network  environment  - 
even  as  it  changes. 
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Network  Management/IT  Automation  and  the  Agile  Enterprise:  Tools  to  Bridge  the  Gap 

Register  now  at  www.nwfusion.com/NMW5A  or  call  1-800-643-4668 


To  join  sponsors  of  this  premier  Network  World  Event,  or  to  find  out  more  about  onsite  company  training,  please  contact 
Andrea  D'Amato  at  1-508-490-6520  oradamato@nww.com  for  free,  no-obligation  information 
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Personal  links 
not  a  technical 
problem,  Part  1 


(or  victims)  URLs  like  this  to  remove 
themselves  (or  believe  that  they  remove 
themselves)  from  the  list:  www.nwfusion. 
com,  DocFinder:  5927. 

People  who  are  irritated  by  spammers 
have  been  known  to  generate  lots  of  sim¬ 
ilar  URLs  and  automatically  cause  mass 


removals  from  the  lists  using  this 
vulnerability. 

In  the  next  story  in  this  two-part  series,  1 
discuss  a  related  issue:  links  to  embarrass¬ 
ing  Web  sites. 

For  the  second  article  in  this  series,  please 
go  to  the  Security  Newsletter  online  archive 


at:  DocFinder:  5928. 

Kabay,  Ph.D. ,  CISSPis  an  associate  profes¬ 
sor  in  the  Division  of  Business  and 
Management  at  Norwich  University  in 
Northfield,  Vt.  He  can  be  reached  at 
mkabay@norwich.  edu 


m  BY  M.  E.  KABAY 

A  friend  of  mine  from  another  university 
was  visiting  recently  and  told  me  about  a 
peculiar  situation  at  work. 

His  institution  is  experiencing  financial 
difficulties,  so  his  department  decided  to 
reduce  expenses  by  eliminating  the  ex¬ 
tensive  full-color  brochure  they  had  pub¬ 
lished  for  many  years  to  entice  students 
and  parents  into  considering  their  pro¬ 
gram.  Instead,  they  would  publish  a  much 
simpler,  less  expensive  brochure  and  put 
lots  of  exciting  information  on  the  depart¬ 
mental  Web  site. 

This  plan  would  offer  the  opportunity 
for  including  links  to  each  professor’s  per¬ 
sonal  Web  page,  where  the  faculty  could 
post  valuable  and  impressive  materials 
such  as  their  curriculum  vitae,  list  of  pub¬ 
lications,  photos  and  so  on. 

Then  he  hit  a  brick  wall. 

The  IT  security  officer  at  the  university 
disallowed  all  external  links  from  the  main 
departmental  Web  page.  University  policy 
precluded  such  links.They  would,  said  the 
security  administrator,  “compromise  the 
security  of  the  institutional  Web  site.”  And 
that  was  it:  end  of  discussion. 

My  friend  asked  me  about  the  security 
implications  of  having  external  links. Was  it 
true  that  they  could  allow  an  attack  on  the 
university’s  Web  site? 

Well,  no,  not  in  the  normal  sense  of  the 
word  “attack.” 

HTTP  is  a  system  for  giving  client  sys¬ 
tems  (the  computers  running  a  browser) 
an  address  that  can  be  translated  into  a 
numerical  IP  address  using  the  DNS.  An 
address  in  HTML  is  a  string  that  is  usually 
formatted  in  a  particular  way  (under¬ 
lined  and  in  a  particular  color)  accord¬ 
ing  to  the  settings  on  the  client  system. 
As  far  as  the  Web  site  is  concerned,  an 
HTML  page  that  contains  only  URLs  is 
just  a  bunch  of  text. 

Note  that  I  am  not  discussing  active  con¬ 
tent  here;  there  are  certainly  ways  to  open 
holes  in  a  Web  site  using  URLs  that  are 
dynamically  generated.  For  example, 
URLs  that  contain  details  that  are  inter¬ 
preted  by  the  Web  site  as  instructions  or 
as  user  identification  codes  and  authenti¬ 
cation  sequences  can  easily  be  abused 
from  the  outside.  A  specific  example  is 
some  mailing  list  administrators’  (or 
spammers’)  practice  of  giving  members 
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AuditWizard  V6  -  Simply  Effective 

No  other  software  makes  auditing  your  network  as  quick  and  easy 
as  AuditWizard™. 

Install,  then  sit  back  and  let  AuditWizard™  do  all  the  complicated  stuff. 
AuditWizard™  will  automatically  discover  all  of  the  PCs  connected  to  your  network 
then  conduct  a  comprehensive  software  and  hardware  audit  of  each  one  -  without 
any  user  intervention  from  you. 


Only  took  you 
2  minutes  to  audit 
the  entire  network? 


Don't  tell  anyone 
or  they'll  find 
something  else 
for  you  to  dot 
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So  when  the  boss  asks  for  that  Software  License  Compliance  Report  -  you're 
good  to  go... 


...if  only  everything  in  life  was  as  simple  to  use  as  AuditWizard™ 


For  more  information  telephone  813  319  1390 
or  email  sales@auditwizard.com 

Download  a  FREE  trial  today!  www.auditwizardxom 
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imperative  end  users 

Put  an  end  to  push  back  against  technology  change  and  quell  the  complaints 
by  reaching  out  to  learn  users’  needs  and  how  to  fulfill  them. 


A  five-part  series  on  how  to 
turn  challenges  into 
opportunities. 


Editor's  note:  This  is  the  second  installment  of  a  five-part  series  on  the  threats  facing  IT 
executives  and  how  to  mitigate  them. 

Faculty,  administration  and  students  at  the 
University  of  Toronto  have  complaints  about  the 
IT  staff  that  are  similar  to  complaints  end  users 
have  in  many  corporations:  The  IT  staff  disrupts 
their  lives  rather  than  makes  them  better. 

“They  upgraded  my  PC  with  Windows  XP  and  I  can’t  find  any  of 
my  files,”  is  one  of  the  complaints  from  end  users  documented  by 
Marden  Paul,  the  university’s  director  of  strategic  computing. 

The  answer,  he  says,  is  better  communication  between  the  peo¬ 
ple  who  install  and  maintain  the  technology, and  those  who  use  it 
in  their  jobs.That  is  the  task  Paul  was  hired  to  carry  out, but  it’s  not 
easy  With  no  direct  authority  to  demand  anything,  he  is  charged 
with  making  the  university’s  decentralized  IT  departments  work 
together. 

“What  I  can  accomplish  is  based  on  moral  suasion.  I  perform  the 
Socratic  gadfly  function:  1  run  around  among  people  and  ask  ques¬ 
tions.  1  bring  people  together  to  get  them  to  work  together?  he  says. 

The  challenge  Marden  and  others  face  is  three-fold: 

1 .  Users  feel  IT  staff  just  doesn’t  get  how  much  they  can  negatively  impact  their  lives. 

2. IT  Staff  feels  users  are  naive  about  technology  and  underappreciate  what  IT  does. 

3.There  is  no  easy  way  to  resolve  these  mutual  misunderstandings. 

As  end  users  demand  more  from  technology  there  is  an  increasing  need  for  jobs  like 
Paul’s,  says  Joan  Mann,  a  professor  at  Old  Dominion  University  and  an  IT  management 
consultant.  She  says  users  are  pushing  back  to  the  point  of  using  contract  clauses  to  limit 
the  number  of  software  revisions  allowed  per  year  and  filing  grievances  that  say  they  are 
forced  to  use  new  technology  without  end  users  approving  it  first. 

Mann  has  identified  what  she  calls  an  IT-user  gap  that  needs  to  be  filled,  and  in  some 
cases  that  means  hiring  a  person  to  fill  a  hybrid  position  such  as  Paul’s  that  is  neither  IT  nor 
part  of  an  organization’s  business  staff. 

But  the  task  can  also  be  handled  by  people  within  IT  departments  who  are  chosen  not 


for  their  technology  skills  but  for  their  ability  to  interact  successfully  with  others.  Or,  the  job 
can  be  delegated  to  users  with  a  technology  bent  who  understand  the  business  needs  of 
the  organization  and  articulate  whether  IT  meets  those  needs,  she  says. 

Massachusetts  government  is  embracing  the  first  alternative:  a  group  of  IT  professionals 
known  as  relationship  managers,  says  Peter  Quinn,  the  commonwealth’s  CIO. These  man¬ 
agers  are  assigned  to  specific  state  departments.  It  is  their  business  to  know  the  business 
goals  of  their  departments  and  successfully  supply  them  with  the  appropriate  technology 

“They  should  be  in  front  of  customers  all  the  time,”  Quinn  says  of  the  relationship  man- 
agers.They  should  almost  never  be  at  their  desks.”  One  of  the  best  went  to  all  staff  meet¬ 
ings  at  the  agency  he  was  assigned  to  in  order  to  get  inside  their  mind-set,  he  says. 

Written  and  verbal  communications  skills  and  negotiating  finesse  are  the  skills  Quinn 
seeks  for  his  relationship  managers.They  have  to  get  things  done  via  influencing  practices 
rather  than  a  hammer  and  tongs,”  he  says. 

The  College  of  New  Jersey  in  Ewing  uses  the  model  of  end-user  departmental  liaisons  to 
the  IT  staff  to  improve  the  delivery  of  technical  services, says  Jeff  Kerswill, the  school’s  direc¬ 
tor  of  user  support  services.  Academic  departments  choose  these  people  to  communicate 
the  departments’  needs  to  the  IT  staff,  he  says. 

Generally  the  liaisons  demonstrate  an  interest  in  technology  and  have  good  relations 
with  the  faculty  in  their  departments,  Kerswill  says.These  liaisons  provide  IT  with  an  insight 
into  user  thinking,  and  help  spread  the  word  among  users  about  IT  projects  and  what  to 
expect  from  them. 

On  the  IT  side,  the  College  of  New  Jersey  has  a  team  of  support 
specialists  who  are  assigned  to  particular  departments  similar  to 
the  Massachusetts  model.“We’re  looking  for  people  who  have  very 
good  interpersonal  skills  and  the  ability  to  juggle  responsibilities. 
They  may  have  25  different  faculty  calling  about  25  different  pro¬ 
jects,  and  we  look  for  how  they  would  prioritize,”  Kerswill  says. 

Mann  says  it  is  important  for  IT  to  address  the  IT-user  gap 
because  users  are  pushing  harder  against  technology  changes 
when  they  don’t  fully  understand  them.  “We  just  can’t  drop  tech¬ 
nology  on  someone’s  desk  anymore  and  expect  them  to  accept 
it,”  she  says.  “They’re  not  willing  to  accept  arbitrary  changes  that 
don’t  make  sense  to  them.” 

To  avoid  the  pitfalls,  IT  departments  can  take  action,  Mann  says. 
First,  they  should  find  out  what  their  reputation  is  among  users.  For 
instance,  complaints  at  the  University  of  Toronto  included  that  IT 
staff  uses  “tech  speak”too  often, so  it  cannot  be  understood.lt  also 
doesn’t  adequately  communicate  why  users  should  be  con¬ 
cerned  about  viruses  and  other  threats,  Paul  found. 

Once  IT  departments  become  aware  of  any  pitfalls,  they  need  to 
identify  who  their  customers  are,  identify  what  their  needs  are  and 
fulfill  them,  which  is  the  main  goal  of  any  IT  organization,  Mann  says.  Then  they  need  to 
communicate  clearly  what  they  are  doing  to  meet  those  needs,  says  Kathleen  VanScoyoc, 
a  consultant  with  Mann  at  Adept  Solutions  Global.The  more  formal  interactions  between 
users  and  IT,  the  better,  she  says. 

When  IT  succeeds,  it  needs  to  advertise  it,  she  says.  “Do  IT  departments  do  reputation 
[enforcing]  activities  and  impression  management  activities?  They  should,”  VanScoyoc 
says.“Market  yourself  so  users  know  you  did  a  good  job.” 

If  an  IT  department  has  a  good  reputation  and  something  goes  wrong,  it  can  enjoy  a  halo 
effect  that  will  mitigate  disappointment  over  the  shortcomings  of  subsequent  projects, she 
says. Without  that  good  reputation,  users  won’t  show  any  mercy“One  bad  thing  and  every¬ 
one  talks  about  it, ’’VanScoyoc  says.“It  takes  10  good  things  before  someone  will  say  some¬ 
thing  good  about  you.”B 


CHALLENGE 

End  users  are  lashing  back  at  the 
perceived  shortcomings  and 
insensitivity  of  IT  departments, 
making  it  difficult  to  implement 
technical  change  that  can  promote 
business  goals. 

RESPONSE 

By  cultivating  IT  specialists  with 
excellent  communication  and 
negotiation  skills  who  listen  to 
end  users  and  prepare  them  for 
technology  changes,  IT  executives 
can  help  maintain  focus  on  attain¬ 
ing  business  success. 
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KVM  over  IP 


Cyclades  AlterPath™  KVM/net 
offers  a  unique  set  of  features: 

■  Server-based  authentication 

(NT  domain,  LDAP,  Secure  ID,  RADIUS,  TACACS+) 

■  16  and  32  port  models 

■  CAT5  cabling  up  to  500  feet 

■  User  access  logging 

■  System  event  syslog 

■  Integrated  power  management 


Over  85%  of  Fortune  100 
choose  Cyclades. 


Eniov  the  mai  ic 


Secure  KVM  over  IP  switch 


Centralized  system  management 


We've  worked  our  magic. 
Now  you  can  work  yours. 


www.cyclades.com/nw 

1.888.cyclades  -  sales@cyclades.com 


cydades 
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www.nwfusion.com 


RGI 


iDer/^ngel 

The  Ultimate  in  Workstation  Security 


Two-Factor  &  Single  Login  User  Authentication 

Configurable  Secure  Drive  for  Information  &  Application  Protection 

Prevents  Unauthorized  Remote  Access  to  Servers  or  Accounts 

Tracking  and  Recovery  of  Lost  or  Stolen  Computers 

Privacy  Act  Compliance 

24  /  7  Security  Monitoring  &  Support  Center 

Over  8  Years  of  Proven  Success 


©  1996-2005  CSS,  Inc.  Patented  Technology 
475  Metroplex  Drive  Suite  104  Nashville,  Tennessee  37211 
All  rights  reserved. 

Laptop  Courtesy  of  Overam.com. 


Contact  us  today  for  your  free  evaluation  copy! 


800.501 .4344 
www.thecyberangel.com 


RATING 


Local  or  Remote  Server  Management  Solutions 


UltraMatrix  Remote 

REMOTE  MULTIPLE  USER 
KVM  MATRIX  SWITCH 
ACCESS  OVER  IP  OR  LOCALLY 


UltraConsole 

PROFESSIONAL  SINGLE-USER 
KVM  SWITCH  SUPPORTS  UP 
TO  1000  COMPUTERS 


•  Connects  1,000  computers  to  multiple  user  stations 
over  IP  or  locally 

•  High  quality  video  up  to  1280  x  1024 

•  Scaling,  scrolling,  and  auto-size  features 

•  Secure  encrypted  operation  with  login  and  computer 
access  control 

•  Advanced  visual  interface  (AVI) 

•  No  need  to  power  down  servers  to  install 

•  Free  lifetime  upgrade  of  firmware 

•  Available  in  several  models 

•  Easy  to  expand 


Connects  up  to  1000  computers  to  a  KVM  station 
Models  for  4,  8,16  computers 
Advanced  visual  interface  (AVI) 

Compatible  with  Windows,  Linux,  Solaris,  and  other  O/S 

Connects  to  PS/2,  Sun,  USB,  or  serial  devices 

Converts  RS232  serial  to  VGA  and  PS/2  keyboard 

Free  lifetime  upgrade  of  firmware 

Security  features  prevent  unauthorized  access 

Full  emulation  of  keyboard  and  mouse  functions  for  automatic, 

simultaneous  booting 

Easy  to  expand  _ _ 


RackView™ 

KVM  RACK  DRAWER  WITH  KVM  SWITCH  OPTION 


800  333  9343 

WVyW.ROSE.COM 


ELECTRONICS 


technology. 


Rose  Electronics 
10707  Standiff  Road 
:  Houston,  Texas  77099 

■;  %  ;  ■  T.’ 

ROSE  US  +281  933  7673 

RQSE  EUROPE  +44(0)1264  850574 

ROSE  ASIA  +65  6324  2322 

ROSE  AUSTRALIA  +617  3388  1540 


Anti-spam  technology  failing?  Well... 


YOU’VE 


Meridius  Security  Gateway 

99%  spam  detection  rate, 

0%  false  positives, 

100%  virus  blocking1 


Call  1.866.895.6931  and  get  a  $5000*  trade-in  credit 


*  Contact  a  BlueCat  Networks  representative  for  promotion  details.  Limited  time  offer.  Promotion  code:  BCN-M105 
t  “Scanning  for  Spam”,  Network  Computing  Magazine  Oct.  28,  2004 


^iNSIDETHEDOMAiN" 

www.bluecatnetworks.com/subsoribe 


BlueCat  Networks 

secure  networks,  simplified. 


Call  us:  Schedule  your  free  demo  today. 

1.866.895.6931  Visit  www.bluecatnetworks.com/meridius/nww 


BlueCat  Networks,  the  BlueCat  Networks  logo.  Meridius  Security  Gateway  and  the  Meridius  logo  are  trademarks  of  BlueCat  Networks.  Inc. 
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Boot  Bar 


www.nwfusion.com 


Control  Power  on  Any  AC 
Powered  Device ... 

Via  Web  Browser,  Telnet, 

Modem  or  Local  Terminal 

Servers,  routers,  and  other  electronic  equipment 
occasionally  “lock-up”,  often  requiring  a  service  call 
to  a  remote  site  just  to  flip  the  power  switch  to  perform 
a  simple  reboot.  With  WTI’s  Remote  Power  Switches, 
you  can  perform  reboot  and  On/Off  control  from 
anywhere! 
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© 
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Web  Browser  Access  for  Easy  Setup  and 
Operation 

Encrypted  Password  Security 

Dual  15  Amp  Power  Circuits 
Total  30  Amps  Maximum  Load 

115  VAC  and  230  VAC  Models 
Sixteen  (16)  Individual  Outlets 
RS232  Modem  /  Console  Port 
Network  Security  Features 
Power-Up  Sequencing 

Also  Available  in  4,  8  &  16  Plug  Models  and 
Horizontal  1U  and  2U  Models 

Web  Browser  Interface 
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Want  asi  Online  Demo? 

Just  call  or  email  and  you’ll  see  for  yourself  why  so  many 
network  professionals  choose  WTi. 


Yes,  We  are  Customer  friendly! 

V  Two  Year  Warranty 

V  We  Stock  for  Same  Day  Shipment 

V  30  Day  l\lo-Fee  Return  Policy 

V  Start-up  Cables  and  Rack  Kits  Included 


Dual  / 
Power  ^ 
Inputs 
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Tel 

NBB-1600 

www.wti.com 


western  telematic  incorporated 

5  Sterling  •  Irvine  •  California  •  92618-2517  •  (800)  854-7226 


CDI  offers: 

^-9  Hardware  encryption  over  dial-up 
and  network  connections 
RSA  certified  SecurlD  authentication 
without  a  network. 

Patented  central  management  of  all 
remote  devices 


Full  NIST,  FIPS  140-2  certifications 

Remote  Power  control 

Homologous  world-wide  approved 
internal  modems 


CDI  has  been  building  encryption  equipment  for  over  fifteen  years.  Our  customers  and  partners  include 
major  financial  institutions,  government  agencies,  major  telcos,  utilities,  and  the  United  States  military. 


Communication  Devices  Inc. 
www.outofbandmanagement.com 


SEN$APHONEs 


Power  Ethernet 
Control  Port 
Interface 


Internal  Voice, 
Modem 
&  Pager  Port 


8  RJ-45  Sensor  Inputs 

(Temperature,  Humidity, 
Water,  Motion,  Power, 
Smoke/fire) 


Microphone 

for  Sound 
Monitoring 


BE  NOTIFIED  BEFORE  CRITICAL  EVENTS  TURN  INTO  DISASTER! 


•  Eight  environment  inputs 

•  Power  sensing 

•  Monitors  64  IP  addresses 

•  Send  alerts  to  64  people 

•  8  methods  of  contact 

•  Calendar  scheduling 

•  Expands  to  256  sensors 

•  Remote  power  control 

•  Optional  camera 


The  Sensaphone  IMS-4000  Infrastructure 
Monitoring  System  monitors  critical  environ¬ 
mental  and  network  elements  in  your  server 
room,  data  center,  or  telecomm  installation  and 
reports  to  you  instantly  when  events  threaten 
your  infrastructure.  The  IMS-4000  keeps  watch 
so  you  don't  have  to.  See  these  features  and 
more  on  the  web  at  www.ims-4000.com 


Tel:  877-373-2700 

Phonetics,  Inc.  H 
901  Tryens  Ro  d 

www.ims-4000.com 

Aston,  PA  1901  u 

!  , 

SAVE  $129 


NetworkWbrU 


for  a  FREE  Subscription 

($129  value) 


•  51  weekly  issues  •  Product  tests  and  reviews 

•  Expert  opinion  •  6  special  issues 


Subscribe  today  at  my.nww.com 

enter  priority  code  B04A 


SAVE  $129 


FREE 


Subscribe  today  at 


my.nww.com 

Enter  priority  code  B04A  and  SAVE  $129 
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INSTRUMENTS 


OBSERVER’ 


How  much  can  your  network  analyzer  handle? 

Observer  is  the  only  fully  distributed  network  analyzer  built 
to  cover  your  entire  network  (LAN,  802.1 1  a/b/g,  Gigabit,  WAN). 
Download  your  free  Observer  10  evaluation  today  and  experience 
more  real-time  statistics,  more  expert  events  and  more  in-depth 
analysis  letting  you  monitor,  troubleshoot  and  manage  every  site 
on  your  network  with  one  complete  solution.  Choose  Observer. 

-5GCURI  tv  COnTRDL- Watch  for  virus  and  hack  attacks  to 
quickly  isolate  infected  areas. 

-RLERT  -  Setup  Triggers  and  Alarms  on  any  network  threshold 
and  be  the  first  to  know  of  network  issues. 

-nETWORK  OMERLORl]-  Monitor  bandwidth  utilization, access 
point  utilization  rates  and  network  top  talkers  with  Real-Time  Statistics. 

US  &  Canada  toll  free  800.526.5958 

fax  952.932.9545 

UK  &  Europe  +44(0)1959569880 

www.networkinstruments.com/analyze 
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Climate  Monitor 

$389 


Ethernet/Web  Rack  Mounted 


Temperature 
Air  Flow 
Humidity 
Door  position 
Sound 
Ught  Level 
Power 

Video  optional 
16  external  sensors 


Monitor  Multiple  Cabinets 

HTML  (no  client  needed) 
SMTP  (e-mail  alerts) 
SNMP  (MIB,  Traps) 
Graphing 
Console 


O  IT  Watchdogs 


Buying,  Selling  and  Leasing  Since  1981 


800- 

VOIR  Gateways  AS535-8T1-192-AC  AS54HPX-8T1-192-AC 

AS535-2E1  -60-AC  AS5400-8E1-210-AC  AS54HPX-8E1-210-AC 

AS535-2T1  -48-AC  AS5400-8E1 -240-AC  AS54HPX-8E1  -240-AC 

AS535-4E1  -1 20-AC  AS5400-8T1-192-AC  AS54HPX-16T1-384-AC 

AS535-4E1-108-AC  AS5400-16T1-384-AC  AS54HPX-16E1-480-AC 

AS535-4T1-96-AC  AS5400-16E1-480-AC  AS54HPX-CT3-648-AC 

AS535-8E 1-210- AC  AS5400-CT3-648-AC 


Cisco  Systems 


AS5300  VOIP/Voice  Bundles  (AC  or  DC,  16MB  Flash) 

AS5300-48V0IP4T1/48C542  voice  ports 
AS5300-48V0IP  A4T 1  VOIP-A,  48  C542  vok 
AS5300-60V0IP  A4E1  VOIP-A,  60  C542  voir 
AS5300-96V0IP  T1/96  C549  voice 
AS5300-96V0IP-A  T 1 +/96  C549  voice 
AS5300- 1 20V0IP-A  -  E1+/120  C549  voice 
AS5300  Dialup/Data  Bundles  (AC  or  DC 
AS53-96-CH  4T1  %  V90  ports 
AS53-192-CH  8T1  1 92  V90  ports 
AS53-120-CH  4E1  120  V90  ports 
AS53-240-CH  8E1  240  V90  ports 
Routers 
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1 500  Senes  4500  Series 

2500  Series  6500  Series 

4000  Series  ISP  Series 


And  More  From... 

ADWATi 
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7204vxr 
7206 vxr 
3600  Series 


2600  XM  Series 
2500  Series 
1700  Series 


Tetenettei' 


l 0  CamerAccess- 


732-833-2111 

Sales@wrca.net 


See  it  working  at: 
http://63.237.104.17 


www.ITWatchdogs.com 

512-257-1462 


Wide  Bank  28  Access  Bank  1 

Adit  600  Access  Bank  2 


Go  to  www.wrca.net 
tor  more  products 
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How  Do  You 
Distribute 

20,000  Watts  in 

our  Cabinet? 

Sentry  CDU  Cabinet  Power  Distribution 


Technology 

Solutions  for  the  Data  Center  Equipment  Cabinet 

Power  demands  from 
today's  new  servers  require 
greater  power  distribution 
in  the  equipment  cabinet. 
The  Sentry  CDU  distributes 
power  for  up  to  42  dual¬ 
power  1 U  servers  in  one 
enclosure.  Single-phase  or 
3-phase  input  with  110  VAC, 
208  VAC  or  mixed  110/208 
VAC  single-phase  outlet 
receptacles. 


High-density  Equipment  Cabient  Power  Distribution 

84-Outlet  Receptacles 

20,000  Watt  3-Phase  Power  Distribution  Model 

1 0,000  Watt  208  VAC  Power  Distribution  Model  t 

True  RMS  Power  Monitoring  per  Branch  Circuit 
Local:  Digitial  Displays,  Remote:  via  Interface 

Input  Power  Monitoring  Facilitates  Load  Balancing  < 

Web  Interface'' 

SNMP,  MIB  &  Traps  < 

Integrated  Temperature  &  Humidity  Probes  < 

Color-coded  Outlets  by  Branch  Circuit/Electrical  • 
Phase  for  Easy  Identification 

Center  Rail  "Notch"  for  Simplifying  Cabinet  Installation  > 


©Server  Technology,  Inc.  Sentry  Is  &  trademark  o(  Server  Technology.  Inc 


Delight  Consulting  Services, 
LLC,  an  IT  consulting  co.  has 
permanent  positions  open  for 
Software  Engrs  &  IT  Consultants 
to  dsgn  &  dvlp  prgms  &  applies 
w/following  skills  or  a  combo 
thereof: 

Technical  Architects  w/exp  in 
J2EE  Architecture,  Weblogic, 
iPlanet,  ERP  Systems,  SAS, 
PERL,  XSL/XSLT,  SOAP,  LDAP, 
Selectica,  XML,  JAXB,  JAXP, 
Object  Oriented  Dsgn  &  Dvlpmt 
methodologies  &  applied  dsgn 
patterns. 

Datawarehousing  Consultants 
w/exp  in  performing  ETL,  dsgn 
exception-handling  strategies  & 
engage  in  performance  tuning  of 
d/bases.  Work  w/lnformatica, 
Powerconnect,  SAPBW,  Cog- 
nos,  Reportnet  &  Metrics/ 
Framework. 

Software  Developers  w  / 
Database  Dsgn,  Administration, 
Tuning  &  Data  Modeling  skills. 
Exp  in  dvlpmt  &  implmtn  of  ERP 
solutions  using  Oracle  Applies 
10.7SC/1H,  Oracle  Dsgnr, 
Oracle  Applic  Server,  Oracle 
Workflow,  Oracle  Jdvlpr,  Oracle 
Toplink,  Unix  Shell  Scripting, 
PVCS.  Websphere  4.X/5.X, 
J2EE,  DB/2  WinRunner,  Load- 
Runner,  &  Rational  Robot. 
Candidates  must  be  able  to  ana¬ 
lyze  reqmts,  prep  test  plans,  test 
cases,  &  scope  documents. 
Candidates  are  reqd  to  perform 
s/ware  deployments,  maintain 
code  &  trouble-shoot. 

Must  have  MS/BS  in  Comp  Sci, 
Engg,  Math  or  Business.  Exp 
reqd  varies  from  1  -5  yrs  in  skills 
identified  above.  Competitive 
salary  &  benefits.  Must  be  willing 
to  relocate/travel  to  various 
unanticipated  Iocs  thoughout 
US.  Resume  to:  HR  Dept.,  P.O. 
Box  71006,  Rochester  Hills,  Ml 
48307  or  email  to  hr@delight- 
consulting.com 


Compuware 

At  Compuware,  you  can  put 
your  IT  experience  to  work  while 
constantly  developing  new  skills. 
We  currently  have  the  following 
nationwide  opportunities: 

•  Business  Analysts 

•  Database  Administrators 

•  Network  Administrators 

•  Product  Sales 

•  Product  Management/Support 

•  Programmers/Analysts 

•  Project  Managers 

•  QA  Analysts 

•  Software  Developers/ 
Engineers 

•  System  Analysts 

•  Technical  Writers 

•  Web  Developers 

•  Recruiting  Manager 
www.compuw3re.com/careers 

Be  sure  to  indicate  the  specific 
title  and  location  you  are  apply¬ 
ing  for  on  your  application  letter. 
Send  your  resume,  referring  to 
ad  #!TC071204,  to: 

Compuware  Corporation, 
Attention:  Recruiting 
One  Campus  Martius 
Detroit,  Ml  48226,  E-mail: 
ad3@comouware.com. 

EOE 


Software  Engineer  wanted 
by  Software  Development 
company  in  Whippany,  NJ. 
Must  have  bachelors 
degree  in  Engineering  or 
Computer  Science.  Must 
speak,  read  and  write 
Korean.  Please  reply  to: 
Attn:  Kenneth  Stertzer,  HR 
Manager,  Image  Solutions, 
Inc.,  100  South  Jefferson 
Rd..  Whippany,  NJ  07981. 


Software  SE  (Software  Engin¬ 
eer)  Ames,  IA:  Design,  develop, 
implement  and  debug  and  main¬ 
tain  high-performance  Visuali¬ 
zation  software  on  multiple  oper¬ 
ating  systems  and  platforms 
using  the  C++  language  on  win¬ 
dows  and  UNIX  platforms.  Main¬ 
tain  graphics  card  certification 
process  for  various  graphics 
systems  available  in  the  market. 
Design  and  implement  visualiza¬ 
tion  features  for  the  TeamCenter 
Visualization  line  of  products. 
Follow  established  in-house 
software  engineering  processes 
to  produce,  design  and  imple¬ 
mentation  documentation,  re¬ 
view  finished  code,  and  manage 
code  using  industry  standard 
source  code  management  sys¬ 
tems.  Requires:  Master's  or  equ¬ 
ivalent  in  Computer  Science  or 
Computer,  Mechanical,  Biomed¬ 
ical  Engineering  or  Computer 
Science  or  Computer  Graphics. 
Employer  will  accept  completion 
of  course  work  except  thesis  for 
Master's  degree  as  equivalent.  1 
year  experience  in  job  offered  or 
lyear  experience  as  Software 
Engineer  or  Graduate  Research 
Assistant  using  C  or  C++  and 
developing  software  on  Win¬ 
dows  Platforms.  Requires  15 
graduate  credit  hours  in  mech¬ 
anical,  electrical,  computer,  or 
biomedical  engineering  courses. 
Requires  12  credit  hours  in  com¬ 
puter  engineering  or  computer 
science,  6  of  the  12  credit  hours 
must  be  at  the  Graduate  level, 
and  must  include  at  least  one 
course  in  computer  graphics. 
Salary:  $  64,056.00/yr.  Work 
week:  40  hrs/wk;  8:00  a.m,  to 
5:00  p.m.  Must  have  proof  of 
legal  authority  to  work  in  the 
United  States.  Send  your  re¬ 
sume  to  the  Ames  Workforce 
Development  Center,  122 
Kellogg  Avenue,  Ames,  Iowa, 
50010-0410.  Please  refer  to  Job 
Order  Number:  IA1101935.  Em¬ 
ployer  paid  advertisement. 


Web  Security  Architect  need¬ 
ed  to  plan,  coord  &  implmt 
security  measures  for  inter¬ 
net,  intranet  &  extranet  to 
regulate  access  to  comp 
data  files  &  prevent  unautho¬ 
rized  modification,  destruc¬ 
tion  or  disclosure  of  info 
using  Vasco  Corp's  Snare- 
Works,  SnareWeb  &  OSF 
DCE.  Resume  to:  Ambient 
Consulting,  Attn:  HR,  5500 
Wayzata  Blvd.,  #1250,  Mpls, 
MN  55416.  EOE. 


Senior  Application  Developer: 
Dev.  web  based  app.  for  Internet, 
Intranet,  Extranet,  &  back  office 
systems,  using  knowledge  of  both 
server  side  &  client  side  dev.  in 
RAD  environ.  BS  in  CS  w/abil.  to 
use  COM,  COM+,  ASP,  HTML, 
DHTML,  JavaScript,  XML,  CSS1 
&  CSS2  tech.,  C,  ASP.NET,  n-tier 
app.  (can  be  met  w/1  college 
course  or  6  mos.  exp.).  Must  have 
certificates:  Cisco  Certi.  Network 
Prof.,  Microsoft  Certi.  Solution 
Developer.NET,  Microsoft  Certi. 
Database  Adm.,  Microsoft  Certi. 
System  Eng.,  &  Sun  Java  Certi. 
Programmer.  40  hr/wk.  9-5.  Send 
resume  to:  Mr.  Henry  M.  Diller, 
CTO,  Carroll  White  Advertising, 
One  Ravinia  Drive,  Suite  200, 
Atlanta,  GA  30346 


Database  Analyst  IV  for  pro¬ 
gramming,  designing  and  ana¬ 
lyzing  of  Islet  Transplant  and 
CGMP  information  systems.  F/T 
position  in  Miami  pays  market 
level  salary.  Applicants  with 
Bachelor's  degree  in  Comp. 
Science  or  MIS  with  8  yrs  rel. 
exp  in  the  job  offered  including  2 
years  in  a  supervisory  capacity, 
and  proficiency  in  File  Maker 
Pro  Database  systems  send 
resumes  only  to  M.  Fernandez, 
DRI(R134)  PO  Box  016960, 
Miami,  Florida  33101.  University 
of  Miami  is  a  drug/smoke  free 
workplace  and  EO/AA  Employer. 


SYSTEMS  PROJECT  ANA¬ 
LYST.  40  hrs  per  wk.  Mon-Fri,  8 
am-5pm.  Masters  degree  plus  1 
year  experience  or  Bachelors 
degree  plus  2  years  of  experi¬ 
ence  or  equivalent  experience 
can  substitute  for  college  educa¬ 
tion.  Experience  requirements 
and  job  entails  design  and  de¬ 
velopment  of  applications  using 
DB2,  WebSphere  Studio  Appli¬ 
cation  Developer,  WebSphere 
Server,  MVS,  Linux,  Oracle  and 
SQL  Server.  Resumes  only  to: 
Robbie  Stroud,  Florida  De¬ 
partment  of  Financial  Servic¬ 
es,  200  East  Gaines  Street, 
Suite  112-C,  Tallahassee,  FL 
32399-0314.  Resumes  must  be 
received  by  March  4,  2005. 
"Preference  shall  be  given  to 
veterans  &  spouses  of  veter¬ 
ans  as  provided  by  Chapter 
295,  FL  Statutes.  EEO/AA 
Employer. 


Data  Communications  Engineer 
New  York  co.  seeks  Data 
Comm.  Eng.  Min  2  yrs  network 
design,  security,  install,  admin. 
Working  knowledge  Wireless 
LAN,  Switches,  Hubs,  Routers, 
Bridges,  Firewalls.  Proficient 
Win  &  Exch.  2003  Server, 
Double  Take,  VBScript,  MS 
SQL,  Data  Modeling,  Analysis, 
Design.  B.S.  Comp,  or  Elec. 
Eng.  or  foreign  equivalent 
required,  Fax  resume  to  IT  by 
Design  646-201-9536.  EOE 


Project  Manager  sought  by 
NYC  Computer  Consulting 
firm  to  dsgn,  dvlp  &  implmt 
business  applies  using  s/ware 
technologies  such  as  Java, 
JDBC,  J2EE,  XML,  XSLT, 
SQL,  Oracle,  UML,  TCP/IP  & 
mgmt  technologies  such  as 
Rational  Unified  Process  & 
extreme  Programming.  Must 
have  MS  in  Comp,  Electrical 
or  Info  Systems  Engg  or  relat¬ 
ed  w/3  yrs  relevant  work  exp. 
Resume  to  Gemini  Systems, 
HR  #1AW,  61  Broadway,  Ste 
925,  NY,  NY  10006. 
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SOFTWARE  ENGINEERS  (8 
Positions)  to  provide  on-site 
consulting  in  design,  analysis 
and  development  of  software  for 
legacy  systems  in  Oracle/IBM 
mainframe  environment;  devel¬ 
opment  and  administration  in 
Oracle,  DB2,  SQL  Server,  e- 
commerce,  ERP  (PeopleSoft, 
Oracle,  SAP)  applications  and 
web  systems  development  in 
Java  and  Microsoft  related  tech¬ 
nologies.  Require:  B.S.  or  equiv¬ 
alent  in  Engineering,  Computer 
Science,  Mathematics,  Science 
or  closely  related  field  with  two 
years  experience  providing  skills 
in  described  duties.  40%  travel 
to  client  sites  within  the  United 
States  required.  Competitive 
salary  and  benefits.  Apply  with 
resume  to:  Human  Resources, 
S4  Consultants,  Inc.,  1005 
Montclaire  Drive,  Cumming,  GA 
30041. 

Seeking  qualified  applicants  for 
the  following  positions  in 
Memphis/Collierville,  TN:  Sen- 
ior  Proorammer  Analvst. 

Formulate/define  functional  req¬ 
uirements  and  documentation 
based  on  accepted  user  criteria. 
Requirements:  Bachelor's  deg¬ 
ree*  or  equivalent  in  computer 
science,  MIS,  engineering, 
mathematics,  business  informa¬ 
tion  systems  or  related  field  plus 
5  years  of  experience  in  sys¬ 
tems/applications  development. 
Experience  with  Oracle  query 
performance  tuning,  Abitinio 
ETL  Tool  and  Unix  Shell 
Scripting  also  required. 

'Master's  degree  in  appropriate 
field  will  offset  2  years  of  gener¬ 
al  experience.  Submit  resumes 
to  Joy  Stubbs,  FedEx  Corporate 
Services,  60  FedEx  Parkway, 
2nd  Floor  Horizontal,  Collierville, 
TN  38017.  EOE  M/F/DA/. 

Programmer/Analyst  needed  for 
Software  Development,  Serv¬ 
ices  &  BPO  firm  located  in 
Burlington,  VT.  Job  duties 
include:  Analyze,  design,  code, 
develop  and  implement  comput¬ 
er  applications  for  clients  located 
throughout  the  U.S.  Engage  in 
multi-dimensional  and  relational 
modeling.  Use  Oracle,  SQL 
Server,  Erwin,  and  SQL  Server 
DTS.  Perform  work  as  part  of  a 
team.  Applicant  must  have  B.S. 
degree  in  Computer  Science, 
Business,  Math  or  Engineering. 
Applicant  must  also  have  1  yr. 
exp.  in  the  job  duties  described 
above  or  in  any  computer  relat¬ 
ed  occupation  which  must 
include  skills  listed  above. 
40hrs/wk,  8:00am-5:00pm, 

Mon-Fri,  $60,008/yr.  Send 
resumes  to:  Job  No.  31155, 
P.O.  Box  488,  Montpelier,  VT 
05601-0488. 

SOFTWARE  ENGINEERS  (2 
Positions)  to  analyze,  design, 
develop,  implement,  product 
support  and  maintain  Enterprise 
Integration  code  and  software 
applications  for  financial,  supply 
chain/service  industry  using 
Java,  Oracle/DB2,  WebMethods 
Integration  Server,  WebMethods 
Broker  and  Trading  Networks  on 
operating  systems  Windows 
NT/2000,  Sun  Solaris  and  UNIX. 
Require:  M.S.  (Or  equivalent)  in 
Computer  Science  and  two 
years  experience  in  the  job  of¬ 
fered  or  as  Integration  Develop¬ 
er.  40%  travel  to  client  sites  with¬ 
in  the  United  States  required. 
Competitive  salary  and  benefits, 
40  hours/week,  8  am  to  5  pm,  M- 
F.  Mail  resume  to:  Vice  Presi¬ 
dent,  Frontline  Consulting  Ser¬ 
vices,  Inc.,  8701  Mallard  Creek 
Road,  Charlotte,  NC  28262. 

Comp:S/w  Developer(NewYork) 
Multiple  posi'ns:Desgn  &  devlp 
Oracle  databases  for  Sun 
Solaris.  Create,  dev.,  maintain 
and  modify  HR  Recruitment 
Automation  database  apli'ns  for 
web,  using  SQL,  PL/SQL  and 
Java,  working  individually  or  co- 
ordtng  database  dvlpmnt  as  a 
team.  Analyze  user  req's  & 
bus.processes  to  automate  or 
improve  existing  sys.  and  review 
comp  sys.  capabilities.  Analyze 
&  refactor  existing  appli'ns  to 
identify  &  eliminate  possible 
security  vulnerabilities  and  per¬ 
formance  bottlenecks.  BS  in 
Com  sci  or  applied  math  or  Infor. 
Tech  or  Electronic  Engg  w/4yrs 
exp.  40hrs  9a-5p.  Reply  w/2  res 
to:  WebRecruiter  LLC,  20 
Exchange  Place,  Ste  #4600,  NY 
NY  10005 

SYSTEMS  PROJECT  ANA¬ 
LYST.  40  hrs  per  wk.  Mon-Fri,  8 
am-5pm.  Masters  degree  plus  1 
year  experience  or  Bachelors 
degree  plus  2  years  of  experi¬ 
ence  or  equivalent  experience 
can  substitute  for  college  educa¬ 
tion.  Experience  requiring  know¬ 
ledge  of  network  administration, 
client  server  environments, 
PowerBuilder,  S-designer,  DB-2. 
Knowledge  of  computer  data¬ 
base  modeling  and  systems 
analysis  design  and  computer 
operating  systems.  Resumes 
only  to:  Robbie  Stroud,  Flori¬ 
da  Department  of  Financial 
Services,  200  East  Gaines 
Street,  Suite  112-C,  Tallahas¬ 
see,  FL  32399-0314.  Resumes 
must  be  received  by  March  4, 
2005.  "Preference  shall  be 
given  to  veterans  &  spouses 
of  veterans  as  provided  by 
Chapter  295,  FL  Statutes. 
EEO/AA  Employer. 

IT  Careers  editorials  cover 
relevant  topics  in  the 
following  industries: 


Healthcare 
Security  &  Defense 
Finance 

Biotech/Pharmaceutical 
Insurance 
Diversity 
Consulting 
Telecom/Wireless 
Manufacturing 
And  many  more.... 

Our  readers  include  the  qualified 
IT  professionals  that  your 
company  is  looking  for. 


For  more  information, 
contact  us  at:  IT 

800-762-2977 


careers 


Web  Developer 

Design,  develop  &  maintain 
web-based  image  retrieval  & 
archival  application  capable  of 
full-text  search,  auto  query, 
annotation,  reporting  &  workflow 
using  various  programming  & 
arch,  methods.  BS  in  CIS  w/abil- 
ity  to  do:  web-based  workflow 
diagram  design,  coordinate  & 
orientation  control  using  VML, 
Javascript.  XML,  XSLT,  ASP, 
CSS;  2D/3D  chart  &  graph 
report  generation  using  VML, 
XML,  XSLT,  ASP,  CSS;  two-way 
web  textual  messaging  using 
XMLHTTP  protocol  support, 
XSLT,  DHTML,  Javascript,  CSS; 
image  authoring,  retouching, 
transparency,  layer  &  animation 
control  using  GIMP;  data 
access,  mapping  &  exchange 
between  MSDE  &  MySQL  using 
ADO,  SQL,  ASP;  Web  based 
annotation  w/attachment  using 
FileSystemObject,  ADO  stream, 
&  HTTP  buffer  handling;  HTTP 
elements  handling  using 
Dictionary  scripting  &  client-side 
array;  SQL  Server  DTS  design  & 
implementation;  XML  content 
design,  modeling,  processing, 
rendering,  &  optimization; 
source  control,  bug  tracking  & 
reporting  using  Visual 
SourceSafe,  TestTrack  Pro. 
Certificates:  IBM  Cert.  Sol.  Dev. 
-  XML,  &  W3Schools  Cert.  40 
hr/wk.  9-5.  Resume  to:  Mr. 
Mario  Chang,  Executive  VP, 
CFO,  Virtual  Image  Technology, 
Inc.,  11632  Harrisburg  Road, 
Fort  Mill,  SC  29715 


Amkor  Technology  is  currently 
looking  for  a  Senior  Analyst  for 
our  Chandler,  AZoffice.  The  pri¬ 
mary  function  of  this  position  is 
to  perform  project  management 
and  web  architecture  design  uti¬ 
lizing  tools  such  as  Java,  JSP, 
ASP,  Websphere,  HTML,  Java 
Script,  Dreamweaver,  Oracle 
etc;  analyze  document  reqs  and 
recommend  software  solutions; 
analyze  appl  architecture, 
design  appls  by  creating  proto¬ 
type  solutions  and  study  feasibil¬ 
ity;  create  software  development 
plans,  implement  strategies  to 
improve  business  processes. 
Provide  comprehensive  support 
for  product  lifecycle  business 
processes,  platform,  and  inte¬ 
gration  reqs  utilizing  various 
PLM  tolls  including  Agile  & 
SCMnet.  Require  a  Bachelor's 
degree  or  foreign  equivalent  in 
CS/Business/Engineering  and  2 
yrs  exp  in  web  technology.  In 
lieu  of  a  Bachelors,  3  yrs  of  aca¬ 
demic  studies  in  one  of  stated 
fields  plus  1  extra  yr  of  work  exp 
in  web  technology  will  be 
accepted.  Competitive  salary, 
f/t.  Send  resumes  to  HR,  Amkor 
Technology,  1900  South  Price 
Road,  Chandler,  AZ85248. 
Refer  Job  Id  AKT 1 1 04 


Software  Professionals  in  pro¬ 
gramming/analysis,  systems  an¬ 
alysis,  QA  engineering  &  testing, 
software  engineering,  systems 
administration,  and  related  fields 
at  all  levels,  including  project 
lead  and  manager,  with  relevant 
bachelor's  degree/equivalent. 
Also  seeking  Business  Develop¬ 
ment  Managers,  Business  De¬ 
velopers,  Business  Analysts, 
Market  Research  Analysts, 
Sales  Engineers,  Technical  Re¬ 
source  Management  profession¬ 
als  (several  levels,  Associates/ 
Sr.Executives/Managerj/Senior 
level  positions  require  graduate 
degree/equivalent.  May  be  relo¬ 
cated  for  short  and  long  term 
assignments  throughout  the 
U.S.A.  Zensar  Technologies, 
Inc.,  One  North  LaSalle,  Suite 
3650,  Chicago,  IL  60602.  Send 
resume  &  cover  letter  detailing 
position  sought  &  relevant  expe¬ 
rience  to  balu@usa.zensar.com. 
Please  quote  reference  CW/02/ 
05  Zensar  in  all  your  mails. 


SYSTEMS  PROJECT  ANA¬ 
LYST.  40  hrs  per  wk.  Mon-Fri,  8 
am-5pm.  Masters  degree  plus  1 
year  experience  or  Bachelors 
degree  plus  2  years  of  experi¬ 
ence  or  equivalent  experience 
can  substitute  for  college  educa¬ 
tion.  Experience  requirements 
can  include  knowledge  of  ac¬ 
counting  and/or  the  principles, 
practices  and  techniques  of 
computer  programming  and  sys¬ 
tems  analysis  design;  computer 
flowcharting  techniques;  com¬ 
puter  operation  procedures  and 
systems;  computer  program¬ 
ming  language;  ability  to  design 
systems  logic  and/or  process 
information  logically;  analyze 
and  interpret  computer  program 
data;  identify  and  define  user 
task  needs  and/or  conduct  short 
range  and  long  range  planning 
studies;  prepare  program  speci¬ 
fications;  perform  mathematical 
calculations;  plan,  organize  and 
coordinate  work  assignments; 
communicate  technician  data 
processing  information  effective¬ 
ly;  establish  and  maintain  effec¬ 
tive  working  relationships  with 
others.  Responsibilities  include 
ability  to  write  and  maintain 
application  development  pro¬ 
gramming  code  in  accordance 
with  all  stated  specifications. 
Assist  in  the  development  of 
project  documentation,  and 
maintain  effective  lines  of  com¬ 
munication  with  users,  peers, 
and  management  regarding  the 
status  of  the  project.  Provide 
support  of  system  software 
through  diagnosis  of  problems 
and  implementation  of  changes 
to  resolve  problems  and  main¬ 
tain  software.  Assist  in  the  con¬ 
figuration  management  of  devel¬ 
oped  software  to  maintain  soft¬ 
ware  integrity  and  version  con¬ 
trol  of  development  software. 
Develop  program  specifications 
from  functional  specifications 
and  assist  in  planning  the  alloca¬ 
tion  of  system  resources  in  the 
timely  completion  of  software 
development  projects.  Develop 
and  present  test  criteria,  test 
new  and  modified  programs  and 
systems  to  ensure  that  planned 
results  are  obtained.  Resumes 
only  to:  Robbie  Stroud,  Flori¬ 
da  Department  of  Financial 
Services,  200  East  Gaines 
Street,  Suite  112-C,  Tallahas¬ 
see,  FL  32399-0314.  Resumes 
must  be  received  by  March  4, 
2005.  "Preference  shall  be 
given  to  veterans  &  spouses 
of  veterans  as  provided  by 
Chapter  295,  FL  Statutes. 
EEO/AA  Employer. 


Alcorn  State  University  seeks  a 
qualified  Chief  Programmer. 
Must  have  a  Master's  degree  or 
equivalent  in  Computer  Science, 
Computer  Engineering,  Engin¬ 
eering,  or  related  field  plus  3 
years  of  experience  in  the  posi¬ 
tion  offered  or  3  years  experi¬ 
ence  developing  applications. 
In  lieu  of  a  Master's  degree  as 
described  and  3  years  of  experi¬ 
ence  as  described,  employer  will 
accept  a  Bachelor's  degree  or 
equivalent  in  Computer  Science, 
Computer  Engineering,  Engin¬ 
eering,  or  related  field  plus  5 
years  of  experience  in  the  posi¬ 
tion  offered  or  5  years  experi¬ 
ence  developing  applications. 
40  hrs/wk.  Must  have  legal 
authority  to  work  in  the  U.S. 
Send  resume  and  cover  letter  to 
Dr.  Dalton  McAfee,  Alcorn  State 
University,  1000  ASU  Drive, 
#479  Lorman,  MS,  39096. 


Consultant  sought  by  NYC 
Computer  Consulting  firm  to 
analyze  user  needs,  to 
dsgn,  dvlp  &  implmt  medium 
to  large  scale  applies  using 
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Java  Script,  J2EE,  HTML, 
XML,  CSS,  VB,  OLE/COM, 
ActiveX.  Must  have  BS  in 
Comp  Sci  or  Engg  or  related 
or  equiv  w/relevant  work 
exp.  Resume  to  Gemini 
Systems,  HR  #1CEL,  61 
Broadway,  Ste  925,  NY,  NY 
10006. 
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requirements  for  comp, 
software  &  web-based 
comp.  apps.  Req'd:  MS  in 
Eng'g.  2  yrs.  exp.  Exp.  w / 
Visual  Basic,  SQL,  Or¬ 
acle,  XML,  and  HTML. 
Resumes:  REFERENCE 
#011.  Forest  Labs.  500 
Commack  Rd.  Commack, 
NY  11725. 


Software  Applications 
Developer 

Design,  develop  &  test  a  hosted 
service  provided  to  financial  ser¬ 
vices  industry.  Analyze  require¬ 
ments,  evaluate  existing  sys¬ 
tems  &  applications  related  to 
Internet  systems  &  to  devise 
state  of  art  solutions  to  meet 
client's  needs.  MS  in  CS  w/abil. 
to  use  C++,  Visual  Basic,  HTML, 
Java  Script,  UNIX,  XForms. 
Send  resume  to  Dr.  Vijay 
Sankaran,  President,  Carte 
Solutions,  Inc.,  11725  Arbor 
Street,  Ste.  310,  Arbor  2 
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Park,  CA  seeks  Soft¬ 
ware  Engineers,  Sr. 
Software  Engineers, 
Systems  Analyst,  Or¬ 
acle  Apps.,  Technical 
Consultants  etc.  Salary 
commensurate  w/edu- 
cation  &  exp.  Fax  re¬ 
sume  to  (818)  676- 
1272  or  e-mail  to 
jobs@ttsus.com  c/o  HR 
Dept. 
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required  by  Mortgage  Service 
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Requires  a  Bachelor's  Degree  in 
Electronic  Engineering  or 
Computer  Science  or  their  for¬ 
eign  equivalent  and  two  (2) 
years  experience  in  job  offered 
Must  have  certification  as 
CCSA,  CCNA  and  CNE.  Send 
resume  to:  HR  (Job  Code  NSA), 
Preferred  Financial  Group.  112 
Park  Place,  Millbrae,  CA  94030. 
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Susan  Cardoza,  National  Sales  Director,  Integrated  Solutions 

Scott  Buckler,  Director  of  Integrated  Solutions 

Stephanie  Gutierrez,  Online  Acct.  Manager,  Integrated  Solutions 

Michael  Hiatt,  Director  of  Integrated  Solutions 

James  Kalbach,  Director  of  Integrated  Solutions 

Debbie  Lovell,  Online  Account  Manager,  Integrated  Solutions 

Kate  Zinn,  Director  of  Integrated  Solutions 

Denise  Landry,  Sales  Coordinator 

Lisa  Thompson,  Sales  Coordinator 

Internet:  knormandeau,  scardoza,  sbuckler,  sgutierrez, 

mhiatt,  jkalbach,  dlovell,  kzinn,  dlandry, 

lthompson@nww.com 

(508)  460-3333/FAX:  (508)  861-0467  

MARKETPLACE/EMERGING  MARKETS 

Donna  Pomponi,  Director  of  Emerging  Markets 

Enku  Gubaie,  Manager  of  Marketplace/Emerging  Markets 

Caitlin  Horgan,  Manager  of  Marketplace/Emerging  Markets 

Jennifer  Moberg,  Manager  of  Marketplace/Emerging  Markets 

Chris  Gibney,  Sales  Operations  Coordinator 

Internet:  dpomponi,  egubaie,  chorgan,  jmoberg, 

cgibney@nww.com 

(508)  460-3333/FAX:  (508)  460-1192 

IT  CAREERS 

Vice  President,  Nancy  Percival,  Director  of  Sales,  Laura 
Wilkinson,  Eastern  Regional  Manager,  Jay  Saveli,  Account 
Executive,  DanielleTetreault,  Sales/Marketing  Associate, 
Deborah  Green 

(800)  762-2977/FAX:  (508)  875-6310 
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BackSpin 


Mark  Gibbs 


The  art  of  being  dumb 

i 


was  just  thinking  about  dumb¬ 
ness.  No  one  is  immune  to  the 
ravages  of  sheer,  unadulterated 
brainlessness  no  matter  how  bright 
they  might  be.This  is  because  the 
leaden  hammer  of  chance  is  always 
hanging  over  our  heads,  Damocles- 
like,  ready  to  fall  at  a  moment’s 
notice  and  make  fools  of  each  and  every  one  of  us. 

But  dumbness  also  shows  up  when  we  don’t  learn 
from  our  experiences  and  misadventures.  Perhaps 
the  greatest  cause  of  dumbness  is  simple  ignorance. 
Here’s  a  great  example  in  a  computer  user’s  message 
sent  to  a  support  department.  It  speaks  volumes 
about  pen  in  fifth  gear,  brain  in  neutral: 

“This  morning  I  tried  to  sign  on  and  for  a  purple 
screen.  After  several  tried  with  different  browsers 
then  I  got  the  message  you  were  down.  I  tried  to  exit. 
It  went  to  a  background  with  huge  pixels  and  stuck. 

I  mean  no  amount  of  rebooting  would  get  rid  of  it. 
Finally  I  had  to  reset  my  wallpaper.” 

Most  often,  dumbness  isn’t  from  what  we  do, so 
much  as  what  we  fail  to  do. 

Let  me  give  you  a  couple  of  random  examples, 
one  from  a  business  that  outlines  bad  thinking  and 
the  other,  all  mine,  that  was  the  result  of  hasty  action: 

Case  1:  A  corporate  d’oh:  Publishers 
Clearinghouse  is  a  well-known  brand.  Like  or  loathe 


’em,  they  are  part  of  the  commercial  landscape. 

Like  all  established  brands  that  aren’t  completely 
brain-dead,  Publishers  Clearinghouse  recognized  the 
potential  for  running  its  business  online  and  started 
doing  e-mail  campaigns. 

Of  course,  being  the  kind  of  folks  they  are  — 
rabid  marketing  types  to  be  exact  —  they  appar¬ 
ently  didn’t  think  that  teaming  with  rabid  spam- 
style  mail  houses  was  a  dumb  idea. 

I  recently  got  one  of  their  e-mail  pitches,  and  not 
only  was  it  kind  of  lame  and  sad,  but  at  the  bottom 
there  was  a  whole  chunk  of  teensy  random  text 
designed  to  help  their  messages  get  past  spam  fil- 
ters.They  were,  dumbly  trying  to  game  the  system. 

Where  the  real  dumbness  lies  is  that  they  are  show¬ 
ing  us,  in  no  uncertain  terms,  that  they  are  willing  to 
bend  the  rules  to  their  advantage.  Now  that  you 
know  this,  can  you  ever  trust  them  (assuming  that 
you  ever  did)?  That  surely  counts  as  really  dumb. 

Case  2:  A  personal  d’oh:  When  you  pass  the  magi¬ 
cal  age  of  50,  doctors  forcefully  suggest  that  one  has 
a  procedure  that  my  editor  would  rather  1  didn’t 
describe  in  any  detail. 

So  being  a  good  patient,  off  I  go.  Well,  because  this 
isn’t  the  most  pleasant  experience,  they  provide  a 
mild  intravenous  sedation.  Anyway  in  short  order  the 
procedure  was  over,  I  had  a  clean  bill  of  health 
(whew), and  I  went  back  to  the  office. 


www, nwfusion.com 


What  I  failed  to  take  into  account  was  that  I  was 
still  mildly  sedated  some  two  hours  later.  Not  whoo 
hoo  stoned,  merely  a  little  out  of  it. 

I  sat  down  at  my  desk  and  tried  to  pick  up  e-mail. 
Nothing.  Hmm.  I  went  to  the  mail  server,  which  was 
running  on  Windows  2003  Server  on  VMware  on  Red 
Hat  Linux,  to  see  what  was  happening. 

<Digression>Please  help  me  out.  My  esteemed  edi¬ 
tor  claims  that  convention  says  applications  run  “on” 
operating  systems  (the  basis  of  this  view  being  the 
seven-layer  model),  while  1  claim  they  run  “under” 
(on  the  basis  of  them  being  “wrapped”  up  by  the 
operating  system). Who  is  right?</digression> 

It  turned  out  I  had  run  out  of  disk  space  under  Lin¬ 
ux,  causing  my  virtualized  Windows  2003  Server  sys¬ 
tem  to  get  upset  and  crash.  I  shut  down  all  theVMs 
and  then  under  Linux  started  to  free  up  disk  space. 

Now  remember,  I’m  still  mildly  sedated,  but  just 
enough  so  I  didn’t  know  I  was  more  than  a  little  off 
bubble.  So  what  do  I  wind  up  doing?  I  delete  theVM 
that  runs  my  mail  server! 

Ah,  a  Homer  Simpson  moment . . .  d’oh.  At  that 
point  I  was  completely  sober. 

Realizing  just  how  dumb  you’ve  been  does  kind  of 
take  that  happy  buzz  off.  All  the  same,  I  might  be 
dumb  and  down  by  a  mail  server,  but  I’m  healthy 

Been  dumb?  Confessions  to  backspin@gibbs.com.. 
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By  Paul  McNamara 


Heard  and  overheard  at  Demo 

Eavesdropping  is  such  an  ugly  word 
given  that  most  of  the  time  we  can’t 

help  but  overhear  the  conversations  of  passers-by  and  those  we  pass. That  it’s 
a  bit  of  a  hobby  is  beside  the  point. 

So  two  guys  are  standing  in  an  otherwise  empty  hotel  hallway  as  I  make  my 
way  by  them  last  week  at  Network  World's  Demo@15  conference  outside 
Phoenix. 

“I  lied  to  the  CEO  yesterday,"  says  one. 

To  which  the  second  deadpans:  "For  the  first  time?” 

They  must  have  heard  me  chuckle.  And  while  I  kicked  myself  the  rest  of  the 
day  for  not  stopping  to  hear  the  full  account,  Demo  offers  so  many  stories  — 
70-p!us  vendors  pitching  their  latest  IT  gear  and  gadgets  —  that  time  is  of  the 
essence.  In  the  interest  of  maximizing  yours,  let’s  separate  the  show  highlights 
into  work  stuff  and  fun  stuff,  with  the  understanding  that  one  theme  of  the 
conference  was  that  more  and  more  technology  is  overlapping  both  categories: 

WORK:  Ready  to  tackle  password  management?  . . .  Oh,  you  say  you'd  rather 
eat  a  router?  When  I  suggested  that  this  sense  of  futility/dread  poses  a  chal¬ 
lenge  for  his  company,  Imprivata  CEO  Patrick  Morley  smiled  and  insisted:  "You 
can  realistically  solve  the  problem.”  Imprivata  intends  to  help  with  a  single 
sign-on  appliance  that  it  says  can  be  deployed  in  days  without  custom  pro¬ 
gramming.  Imprivata  OneSign  supports  a  variety  of  authentication  methods 
and  Win32,  Web  or  mainframe  applications.  Companies  are  ready  to  buy, 

Morley  says,  citing  Imprivata  survey  data  that  shows  the  number  of  IT  depart¬ 
ments  with  budgeted  password  management  projects  has  doubled  from  18%  to 
36%  in  just  eight  months. 

FUN:The  makers  of  home-monitoring  systems  have  promised  to  let  us  watch 
over  and  remotely  manage  our  households  for  years:  keep  an  eye  on  Gramps 


or  the  kiddies  from  our  desktops,  turn  up  the  heat  or  the  lights  from  our  cars, 
that  kind  of  thing.  While  an  appealing  concept,  early  offerings  have  been 
stymied  by  technological  complexities  and  high  costs.  Stepping  up  to  the  plate 
next  is  iControl  Networks,  whose  Web-based  iControl  system  is  "simple, 
affordable,  complete  and,  most  important  of  all,  compelling,"  says  CEO  Reza 
Raji.The  iControl  starter  kit  sells  for  less  than  $500  and  looked  simple  enough 
for  Gramps  and  the  kiddies  to  install  before  you  get  home  for  dinner. 

WORK:  Up  to  40%  of  mobile  phone  minutes  are  burned  by  workers  while  they 
are  on  corporate  campuses  and,  at  least  in  theory,  within  shouting  distance  of 
a  wireless  LAN,  says  Kamal  Anand,  vice  president  of  marketing  and  business 
development  at  Meru  Networks.  Meru’s  new  wireless  LAN  controllers  and 
System  Director  Version  3  software  support  the  toll-quality  wireless  VoIP  that 
large  corporations  demand,  Anand  says,  and  “we’re  on  the  cusp  of  widespread 
adoption." 

FUN:  The  lines  at  Intellif it’s  booth  never  slacked  off  —  and  it  wasn’t  only  that 
the  company  was  giving  away  a  free  pair  of  Levi’s  to  all  comers.  The  Intellif  it 
System  uses  10  seconds’  worth  of  low-power  radio  waves  to  take  the  mea¬ 
surements  of  fully  clothed  individuals  who  stand  in  a  glass  cylinder  about  three 
times  the  size  of  a  phone  booth. The  information  is  supposed  to  let  you  know 
what  sizes  best  fit  you  across  different  clothing  lines.  Everyone  loved  it  and 
many  had  ideas  about  how  Intellifit  can  make  money.  Just  taking  the  guesswork 
out  of  gift-buying  would  be  value  enough. 

WORK:  It’s  said  that  there  are  30  million  PowerPoint  presentations  a  day 
foisted  upon  captive  audiences,  who  greet  them  with  all  the  enthusiasm  gener¬ 
ally  afforded  someone  else’s  vacation  photos.  Software  called  Ovation  from 
Serious  Magic  won't  turn  PowerPoint  flops  into  blockbusters,  but  for  $99  (less 
with  an  enterprise  license)  this  simple  tooi  will  instill  your  slides  withTV-like  pro¬ 
duction  values.  Best  of  all,  it  will  help  keep  your  presentation  delivery  on  sched¬ 
ule.  And  for  that  we  thank  you  in  advance. 


See  more  NetBsizz,  page  9 


,ronWEG  cm 


W--- 


Doing 


things 


lip 


High  Availability  & 
Reliability 


SUPERIOR  PERFORMANCE 

•  Up  to  140,000  L4  connections/sec 

•  Application  throughput  from  2  to  1 2  Gbps 

•  Wire-speed  Layer  2/3  forwarding 

•  Scalable  processor  performance 


•  Resilient  switching  and  routing  foundation 

•  Global  load  balancing  for  multi-site 
scalability  and  survivability 

•  Link  aggregation 

•  Rapid  and  stateful  session  failover 

•  RSTP,  VRRP  for  switch  and  router 
redundancy 

•  Redundant  power  supplies 


SCALABILITY  St 

Expandability 


Port  expansion  to: 

•  48  Gigabit  Ethernet 
•48  10/100  Mbps  Ethernet 

•  4  1 0-Gigabit  Ethernet 


SECURITY 

•  DoS  protection  up  to  4  million  SYN/sec 

•  Wire-speed  ACLs 

•  Application  rate  limiting 

•  Secure  device  management 

•  sFlow  traffic  monitoring 


rich  Features 

•  Intelligent  content  switching  using 


Flexibility  & 

MANAGEABILITY 


In-line,  one-ARM  and  Direct  Server 
Return  modes 

Web,  SNMP,  INM  and  Cisco-like  CLI 


URL,  HTTP,  XML,  cookies,  SSL 
ID  and  others 
IP  NAT 

RIPv2,  OSPF  routing 


Uptime,  scalability,  performance 
and  security  are  the  watchwords 
for  your  network.The  Serverlron® 
application  switch  is  designed  for 
this  environment.  Its  advanced 
switch-based  architecture 
features  a  scalable  content 
switching  engine  with  hardware- 
based  DoS  protection  delivering 
the  industry’s  most  powerful 
and  secure  application 
switching  solution. 


PC  Appliances  Cannot  Match  the 
Power  and  Flexibility  of  the  Sami/J/a/J 


THE  S  ERVERl  RON 
Family  of  Products 
Also  Includes: 


,  PERFORMANCE  UPG RAD EAB  1 LITY 

X 

1  IN-SERVICE  PCRT  EXPANDABILITY 

X 

1D-GE  SUPPORT,  >1D  GPBS  THROUGHPUT 

X 

HIGH-DENSITY  DIRECT  SERVER  FAN-DUT 

v' 

X 

HARDWARE-BASED  CONNECTION 

MANAGEMENT  AND  DOS  PROTECTION 

X 

WIRE-SPEED  L2/L3  FORWARDING  AND  ACLS 

X 

SERVERlRON  450  AND  S5Q 


m 

FOUNDRY 

NETWORKS 

The  Power  of  Performance™ 


S  ERVERl  RDNXL 


SERVERlRDNSA  ACCELERATORS 


Foundry  Networks,  Inc.  is  a  leading  provider  of  high-performance  Enterprise  and  Service  Provider  switching,  routing  and  Web  traffic  management  solutions 
including  Layer  2/3  LAN  switches,  Layer  3  Backbone  switches,  Layer  4-7  Web  switches,  wireless  LAN  and  access  points,  access  routers  and  Metro  routers. 


FOR  MORE  INFORMATION  PLEASE  CALL:  US/CANADA  1  888  TURBOLANI,  .  <• 

INTERNATIONAL  +1  408.586.  1  700  OR  VISIT  OUR  WEBSITE  AT  WWW.FOUNDRYNtfT.COM/SlE 


FEEL  THE  POWER  OF  LINUX. 

Introducing  the  IBM  eServer™  OpenPower™  system.  With  this  server,  you  can 
have  it  all.  Power  Architecture™  technology  and  the  Linux®  operating  system. 
Outstanding  reliability  features  and  64-bit  computing.  This  is  what  you’ve 
been  waiting  for.  A  server  specifically  enhanced  for  Linux.  It’s  a  purist’s 
dream.  It’s  instant  entree  into  the  Linux  movement.  And  it’s  an  affordable  way 
to  adopt  Power  Architecture  technology  on  demand.  Join  the  movement  at 
ibm.com/eserver/pumpup 
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